Need for a strong cyber-security workforce
Surya Kiran Sharma
Security
forces in India were on red alert as Republic Day approached with all
personnel busy guarding the vital installations and defending the
country’s frontiers. However, little attention was paid to the cyber
space as Pakistani hackers defaced over 2000 Indian websites on January
25, 2014, including that of Central Bank of India. The operation was
called “#OP26jan” and its success reflects the lack of technological
preparedness within the government to deal with such threats.
A
whitepaper issued by The Associated Chambers of Commerce and Industry
of India (ASSOCHAM) in collaboration with private services companyKPMG
on October 15, 2013 has highlighted the lack of cyber security
professionals in the country. India has at its disposal only 556 trained
specialists to tackle cyber threats, a number which dwarfs in
comparison to 91,000 in the United States and 1.25 lakh in China. These
numbers become more relevant considering India has at around 74 million,
the world’s third-largest internet using population, behind China and
the US, and the country also has the world’s third-largest standing
army.India lacked a stand-alone cyber security policy until the National
Cyber Security Policy was launched in July 2013, which remains a draft
document on what the government hopes to achieve. However, little action
has since been taken to achieve the targets and objectives spelt out in
the policy document resulting in a weak institutional structure to
protect the country’s cyber space.
The
Cyber Security Policy 2013 envisions creating a 500,000-strong
workforce of professionals skilled in cyber security and fostering
education and training programmes in the formal and informal sectors.
These figures look difficult to achieve unless the government
collaborates with academic institutions to tap the technical skills of
students at the earliest level.Israel, the undisputed world leader in
using technology for national security and defence, has paved the way
for the establishment of a new model totap the resources available in
universities and integrate those with the efforts of the defence forces
and private companies. The inauguration of the Advanced Technology Park
(ATP) on the campus of the Ben Gurion University in Be’er Sheva, Israel
has facilitated the symbiotic integration of the tech companies in
Israel with the defence forces and the academia, to bridge the gap
between the country’s cyber-security preparedness and the level of
technological sophistication of the forces that have identified internet
as the new dimension of warfare.The ATP plays host to a number of
private tech companies, like Deutsche Telekom and Oracle, who will
collaborate with BGN Technologies, an entity of the University that
commercialises academic research and assists the Israeli defence forces
to secure the country’s cyber domain.
A
report by Cisco published in January 2014 titled Annual Security Report
2014 also highlights the lack of adequate cyber security warriors
available to the government. The report points out that Indian
government websites have been breached over 1000 times in the past three
years and the country is short of over 4 lakh professionals skilled in
cyber security.An important reason for these regular attacks on the
critical national data has been the failure on the government’s part to
attract people with the requisite technical skills and expertise. The
lack of competitive remunerations in comparison to what the private
organisations are willing to pay forces the best minds to shun the
government.
The
government needs to work on capacity building and skill development if
it wants to achieve the target of 500,000 cyber security professionals
in the next five years. As internet becomes the fifth dimension of
warfare after land, air, water and space, necessary steps need to be
taken to develop forces capable of securing the country’s critical and
sensitive information. Special educational institutions providing
courses on cyber security need to be set up across the country with
additional similar programs being run in the existing colleges. Training
should be provided to acclimatise the responsible personnel with the
latest changes in technology and the advancements in cyber domain.
The
Indian Computer Emergency Response Team (CERT-In) has been earmarked as
the umbrella agency to coordinate all cyber emergency and crisis
response efforts and protect country’s software based
infrastructureunder the cyber security policy. However, the government
has sanctioned the creation of the National Cyber Coordination Centre
(NCCC) to assess potential cyber threats and ensure better coordination
between various intelligence agencies. A proposal has also been cleared
to have National Technical Research Organisation (NTRO) take care of key
infrastructure including power, telecommunications, railways and
airport.
The
need of the hour is a nodal organisation that supervises the cyber
security efforts of various agencies involved in protecting India’s
information structure. The armed forces have also been targeting
aCommand Centre on the lines of the US Cyber Command (USCYBERCOM). The
creation of all these institutions requires skilled personnel; a close
partnership with the private sector and the academia is hence essential
to realise the intended goals.
The
concept of “Attack by Stratagem” states that fighting and conquering
all battles is not supreme excellence; it lies in breaking the enemy’s
resistance without fighting.As conflicts move away from battlefields and
onto computers in air-conditioned rooms situated thousands of miles
from the target, there is a need to concentrate efforts on creating
acyber-security force adept at protecting country’s information and
communication data and networks.
The author is an intern at CLAWS. Views expressed are personal.
http://www.claws.in/Need-for-a-strong-cyber-security-workforce-SuryaKiran.html
|
The Profession of Arms: A Guide for Young Army Officers
It takes courage, especially for a young officer, to check a man met on the road for not saluting properly or for slovenly appearance, but, every time he does, it adds to his stock of moral courage, and whatever the soldier may say, he has respect for the officer who does pull him up.
Read Document →The Dragon's Teeth: Assessing China's Military Modernization
PLA has focused on modernising its capabilities across all warfare domains to achieve these goals. This includes land, air, and maritime operations, nuclear, space, counter-space, electronic warfare and cyberspace operations, aiming to become a fully integrated joint force.
Read Document →Transforming the PLA: A Decade of reorganisation from SSF to ISF
PRC has engaged in a sustained and broad effort to transform the PLA from an infantry-heavy, low-technology, ground forces-centric military into a high-technology, networked force with an increasing emphasis on joint operations and naval and air power projection.
Read Document →Eyes without Borders: Exploring the World of Open Source Intelligence (OSINT) in the Digital Age
Open Source Intelligence (OSINT) is gaining prominence with the rise of social media, the digital society and the vast growth of publicly and commercially available information (PAI and CAI).
Read Document →
The PLA’s Developing Cyber Warfare Capabilities and India's Options
Informationised warfare blurs the lines between peacetime and wartime. A nation in the information age cannot wait for the hostilities to break out to collect intelligence, carryout influence operations, develop antisatellite systems or design computer software weapons.
Read Document →
Galwan and After
Why did China did this when he is under tremendous pressure in all fronts, is this China's salami slice tactics being progressed rigorously, what will be new Rules of Engagement, what will be escalatory control mechanism, who has taken this decision, will there be some pressure put by China in India's North-East through insurgency.
Read Document →
India’s Joint Doctrine for Cyberspace Operations: A Critical Review
Chief of Defence Staff (CDS) General Anil Chauhan and Secretary, Department of Military Affairs, formally released declassified versions of the Joint Doctrines for Cyberspace Operations during the Chiefs of Staff Committee meeting in New Delhi.
Read Document →
Know your Enemy General(now Field Marshal) Syed Aseem Munir
Gen SA Munir's position in the hierarchy of Pakistan was not very comfortable. The state of economy, insurgency in Pakhtoonistan and Balochistan, attack on the Jaffar Express, constant protests by supporters of Imran Khan's supporters inside and outside of parliament.
Read Document →
Decoding Operation SINDOOR: Key Aspects and Implications
Precision strikes were carried out on nine sites—four in Pakistan and five in PoK—linked to anti-India terrorist groups such as the LeT, JeM and the Hizbul Mujahideen. The targeted sites included Muridke (LeT headquarters) and Bahawalpur (JeM headquarters).
Read Document →
Chinese Cyber Exploitation in India's Power Grid - Is There a linkage to Mumbai Power Outage?
The New York Times (NYT), based on analysis by a U.S. based private intelligence firm Recorded Future, reported that a Chinese entity penetrated India’s power grid at multiple load dispatch points. Chinese malware intruded into the control systems that manage electric supply across India, along with a high-voltage transmission substation and a coal-fired power plant
Read Document →
No comments:
Post a Comment