16,619
edits
National Cyber Security Policy 2013 (edit)
Revision as of 00:21, 26 September 2023
, 26 September 2023Updated the article +/-
imported>Omnilegent No edit summary |
Ajay Kumar (talk | contribs) m (Updated the article +/-) |
||
| Line 6: | Line 6: | ||
|date=24 Sep 2013| access-date = 2013-09-24}}</ref> | |date=24 Sep 2013| access-date = 2013-09-24}}</ref> | ||
==Reason for Cyber Security== | ==Reason for Cyber Security policies== | ||
[[India]] had no [[Cyber security]] policy before 2013. In 2013, ''[[The Hindu]]'' newspaper, citing documents leaked by [[National Security Agency|NSA]] [[whistleblower|whistle-blower]] [[Edward Snowden]], has alleged that much of the NSA surveillance was focused on India's domestic politics and its strategic and commercial interests.<ref>{{Cite news|url=https://www.thehindu.com/opinion/editorial/protect-dont-snoop/article4895582.ece|title=Protect, | [[India]] had no [[Cyber security]] policy before 2013. In 2013, ''[[The Hindu]]'' newspaper, citing documents leaked by [[National Security Agency|NSA]] [[whistleblower|whistle-blower]] [[Edward Snowden]], has alleged that much of the NSA surveillance was focused on India's domestic politics and its strategic and commercial interests.<ref>{{Cite news|url=https://www.thehindu.com/opinion/editorial/protect-dont-snoop/article4895582.ece|title=Protect, don't snoop|last=Editorial|date=9 July 2013|work=The Hindu|access-date=2019-01-02|language=en-IN|issn=0971-751X}}</ref> This sparked a furore among people. Under pressure, the government unveiled a National Cyber Security Policy 2013 on 2 July 2013. | ||
== Vision == | |||
To build a secure and resilient cyberspace for citizens, business, and government and also to protect anyone from intervening in user's privacy. | To build a secure and resilient cyberspace for citizens, business, and government and also to protect anyone from intervening in user's privacy.It mentioned a five year target of training five lakh cyber security personnel by 2018. | ||
== Mission == | |||
To protect information and information infrastructure in cyberspace, build capabilities to prevent and respond to cyber threat, reduce vulnerabilities and minimize damage from cyber incidents through a combination of institutional structures, people, processes, technology, and cooperation. | To protect information and information infrastructure in cyberspace, build capabilities to prevent and respond to cyber threat, reduce vulnerabilities and minimize damage from cyber incidents through a combination of institutional structures, people, processes, technology, and cooperation. | ||
== Objective == | |||
[[Ministry of Communications and Information Technology (India)]] define objectives as follows: | [[Ministry of Communications and Information Technology (India)]] define objectives as follows: | ||
*To create a secure cyber ecosystem in the country, generate adequate trust and confidence in IT system and transactions in cyberspace and thereby enhance adoption of IT in all sectors of the economy. | *To create a secure cyber ecosystem in the country, generate adequate trust and confidence in IT system and transactions in cyberspace and thereby enhance adoption of IT in all sectors of the economy. | ||
*To create an assurance framework for the design of security policies and promotion and enabling actions for compliance to global security standards and best practices by way of conformity assessment (Product, process, technology & people). | *To create an assurance framework for the design of security policies and promotion and enabling actions for compliance to global security standards and best practices by way of conformity assessment (Product, process, technology & people). | ||
*To strengthen the Regulatory Framework for ensuring a SECURE CYBERSPACE ECOSYSTEM. | *To strengthen the Regulatory Framework for ensuring a SECURE CYBERSPACE ECOSYSTEM. | ||
*To enhance and create National and Sectoral level 24x7 mechanism for obtaining strategic information regarding threats to ICT infrastructure, creating scenarios for response, resolution and crisis management through effective predictive, preventive, protective response and recovery actions. | *To enhance and create National and Sectoral level 24x7 mechanism for obtaining strategic information regarding threats to ICT infrastructure, creating scenarios for response, resolution and crisis management through effective predictive, preventive, protective response and recovery actions. | ||
| Line 30: | Line 30: | ||
*To enable effective prevention, investigation and prosecution of cybercrime and enhancement of law enforcement capabilities through appropriate legislative intervention. | *To enable effective prevention, investigation and prosecution of cybercrime and enhancement of law enforcement capabilities through appropriate legislative intervention. | ||
== Strategies == | |||
* Creating a secured Ecosystem. | * Creating a secured Ecosystem. | ||
* Creating an assurance framework. | * Creating an assurance framework. | ||
* Encouraging Open Standards. | * Encouraging Open Standards. | ||
* Strengthening The regulatory Framework. | * Strengthening The regulatory Framework. | ||
* Creating mechanism for Security Threats Early Warning, Vulnerability management and response to security | * Creating a mechanism for Security Threats Early Warning, Vulnerability management, and response to security threats. | ||
* Securing E-Governance services. | * Securing E-Governance services. | ||
* Protection and resilience of Critical Information Infrastructure. | * Protection and resilience of Critical Information Infrastructure. | ||
* Promotion of Research and Development in cyber security. | * Promotion of Research and Development in cyber security. | ||
* Reducing supply chain risks | * Reducing supply chain risks | ||
* Human Resource Development (fostering education and training programs both in formal and informal sectors to | * Human Resource Development (fostering education and training programs both in formal and informal sectors to Support the Nation's cyber security needs and build capacity. | ||
* Creating cyber security awareness. | * Creating cyber security awareness. | ||
* Developing effective Public Private | * Developing effective Public-Private partnerships. | ||
* To develop bilateral and multilateral | * To develop bilateral and multilateral relationships in the area of cyber security with another country. ('''Information sharing and cooperation''') | ||
* Prioritized approach for implementation. | * a Prioritized approach for implementation. | ||
== See also == | == See also == | ||