The Indian Government has once again reiterated its key strategies to strengthen its cyber defense and safeguard its citizens in the digital space. India’s cybersecurity strategy includes spreading awareness on multiple agencies and acts in place to fight cybercrime along with helplines numbers for citizens to report digital frauds. These initiatives were highlighted in an official government press communication released on July 25, 2024.
In April this year, the government released a report that by December 2023, India had a whopping 936.16 million internet subscriptions, transforming it into one of the largest connected nations worldwide. Termed as ‘Digital Nagriks’, Indians are increasingly integrating the internet into their daily lives, relying on it for essential needs such as business transactions, education, financial activities, and accessing government services digitally.
Recognizing the critical importance of a secure digital environment, the Government of India has been implementing robust policies aimed at safeguarding its vast online community. These measures are designed to ensure a safe, trusted, and secure cyberspace amidst the growing prevalence of cyber threats and attacks in today’s interconnected world.
Understanding CERT-In: India’s Backbone Agency of Cybersecurity
Established as the national agency for incident response, the Indian Computer Emergency Response Team (CERT-In) plays an imperative role in safeguarding India’s cyber landscape. Operating a 24×7 incident response help desk, CERT-In ensures timely responses to reported cybersecurity incidents. The organization offers comprehensive Incident Prevention and Response services alongside Security Quality Management Services to enhance cybersecurity measures across the nation.
CERT-In has registered several cases of cybercrimes during the last three years as depicted in this image.
CERT-In’s Efforts to Combat Cybercrime
CERT-In collaborates with service providers, regulators, and Law Enforcement Agencies (LEAs) to track and disable phishing websites and investigate fraudulent activities.
- CERT-In issues advisory to ministries outlining measures to strengthen cyber security for entities handling digital personal data, including sensitive information.
- CERT-In issues advisories through Reserve Bank of India, the country’s apex bank, for audits and implementation of security practices by entities issuing prepaid payment instruments.
- CERT-In operates an automated cyber threat exchange platform for sharing tailored alerts across sectors.
- CERT-In manages the Cyber Swachhta Kendra for detecting and removing malicious programs, providing cyber security tips.
- The platform has formulated a Cyber Crisis Management Plan for countering cyber-attacks across government and critical sectors.
- CERT-In conducts cybersecurity mock drills to assess the readiness of organizations; 92 drills conducted with participation from diverse sectors.
- CERT-In conducts training and workshops on specialized cyber security topics and offers a self-paced Cyber Security Foundation Course in collaboration with the National Institute of Securities Markets and C-DAC.
India’s Initiatives to Enhance Cybersecurity Awareness
The Indian government is empowering its citizens in the fight against cybercrime through the following initiatives:
-
Cyber Crime Coordination Centre
The government has established the Indian Cyber Crime Coordination Centre (14C) to enhance the coordinated response of law enforcement agencies (LEAs) to cybercrimes. This initiative aims to provide a cohesive framework for addressing digital threats comprehensively. Concurrently, the National Cyber Crime Reporting Portal has been launched, enabling the public to report cybercrimes directly. Notably, incidents reported through this portal are automatically routed to the respective State/UT law enforcement agencies for prompt and efficient handling by legal provisions. These efforts underscore the government’s commitment to bolstering cyber security and empowering citizens to contribute actively to cybercrime prevention.
-
Citizen Financial Cyber Fraud Reporting and Management System
The Government launched the ‘Citizen Financial Cyber Fraud Reporting and Management System’ to facilitate the immediate reporting of financial frauds and prevent fund siphoning by fraudsters. A toll-free helpline number, ‘1930’, has been operationalized to assist with lodging online cyber complaints, ensuring swift response and support for victims of cyber fraud.
-
Multifaceted Awareness Campaigns
The Central Government has implemented a multifaceted approach to enhance the response to cybercrimes comprehensively. This includes extensive awareness campaigns aimed at educating the public and stakeholders about cyber threats, issuing regular alerts and advisories to highlight emerging risks, conducting specialized capacity-building and training programs for law enforcement personnel, prosecutors, and judicial officers, and improving cyber forensic facilities to bolster investigative capabilities. These initiatives collectively strengthen the government’s framework for addressing cybercrimes in a coordinated manner across the country.
Digital Personal Data Protection Act: Protecting citizen rights
The Digital Personal Data Protection Act, 2023 upholds individuals’ rights to safeguard their personal data, incorporating established principles for data protection. These principles include obtaining consent for lawful and transparent use of personal data, limiting its use to specified purposes, minimizing data collection to necessary levels, ensuring data accuracy and timely updates, restricting storage duration to the required period, implementing robust security measures, and enforcing accountability through penalties for breaches and data adjudication.
Additionally, the Act imposes stringent protections on personal data transfers, as exemplified by the Reserve Bank of India’s directive under Section 10(2) and Section 18 of the Payment and Settlement Systems Act, 2007, mandating the storage of payment system data within India. These provisions underscore the Act’s commitment to robust data protection standards and restrictions on personal data transfers, which remain in effect under its framework.
Securing a Digital Future for India
India’s digital landscape has undergone rapid expansion, with an increasingly connected population relying on digital platforms for everyday activities. Amidst this growth, ensuring robust data security measures has become paramount. The implementation of the Digital Personal Data Protection Act, 2023 reflects India’s commitment to safeguarding personal data through principles such as transparency, consent, and accountability. As India continues to harness the benefits of digital transformation, maintaining stringent data protection standards will be crucial in fostering trust, resilience, and sustainable growth in its digital economy.
