The national cyber security policy, announced last week, is much delayed, but finally formulates a set of ideas and guidelines for action in an important area of national security.
The stability of the real world is linked to the cyber world now.
Flow and storage of information and its handling by computers are important elements in national security, the working of public and private entities like companies and the lives of individuals. Revelations about US surveillance and data mining programmes and reports about cyber attacks originating from China or other countries have underlined the need for putting in place an effective cyber security system for the country. Such initiatives can never be solely defensive. Offensive capabilities should also be developed to ensure the best protection of national interests. Protection of infrastructure like defence systems, nuclear installations, power production and distribution facilities and communications will naturally receive the highest priority.
According to IT minister Kapil Sibal, the policy is a framework document that provides a broad outline of a vision, but the challenge is in its implementation.
It aims to set up a nodal agency to co-ordinate all matters relating to cyber security with a number of other agencies for specialised functions like infrastructure protection and crisis management. Procurement of strategic information and development of security technology are important areas of attention. However, the policy has not clearly defined and demarcated the functions of all these agencies. One major proposal is to create a work force of five lakh cyber security personnel in the next five years. This will serve as a virtual army but there are doubts whether raising such a force is possible when even private companies are finding it difficult to recruit qualified technical personnel.
There is criticism that the policy is long on goals and generalities and short on strategies and details. But in a policy framework, especially when the issues relate to national security and concern the cyber world, specific programmes need not be detailed in public. In fact the policy and actions may even have to evolve through enforcement. The policy is also silent on the place of the IT Act in its scheme and the need to respect the privacy and freedom of individuals. The entire scheme will be tested and strengthened by implementation. A good beginning has been made.
Deccan Herald is on WhatsApp Channels| Join now for Breaking News & Editor's Picks