We live in a world that is often outside our control. Many people have faced risks to their online and digital security. These same anxieties are present in securing our national cyber assets. Towards this, the government of India plans to release a Cybersecurity Strategy in 2020 and asked for inputs. We sent our comments on securing people like you. This recognises 5 important points that promote both security and human rights. Sounds, too good to be true? Read on!
Institutional security has to be individual centric
We recently sent our comments to the National Security Council Secretariat which invited public comments for framing of the National Cyber Security Strategy 2020 (NCSS 2020). Our clear belief is that India requires to focus strongly on protecting its cyber assets and infrastructure. This has to be done in a manner in which we focus on creating an environment with the right incentives and grow a respect for individual privacy.
More tangibly as we outline in our submission to achieve this we make five distinct reccomendations.
- Recommendation 1: Independent vulnerability testers and cyber security specialists are strategic national assets – India’s innovative and expanding community of security researchers is a net asset, for cybersecurity in both the public and private sectors. There should be a clear policy and standard operating procedure devised for departments to be notified by security researchers without the threat of civil or criminal prosecution.
- Recommendation 2: Encryption protects India by protecting Indians – The use of encryption has far too often come under political attack by some parts of the security ecosystem. In fact, failure to encourage and expand the usage of encryption technologies puts individual users at risk. Here millions of Indians who today conduct their lives through digital tools are also entry point vulnerabilities unless their devices are secured through encryption.
- Recommendation 3: Encourage a strong data breach reporting mechanism in the Data Protection Act – Data breach reporting under a data protection legal framework is immensely useful for enhancing cybersecurity.
- Recommendation 4: Malware use makes all of insecure – We further recommend that the use of malware should be clearly prohibited. The collection of, “Zero-day” hacks or the proliferation in the use of technical exploits to hack into the devices and digital services of Indians makes the nation insecure.
- Recommendation 5: The open web is the secure web – Today, there are both economic forces and regulatory suggestions that threaten the decentralised framework of the internet. This undermines not only the stability of the public core but has a negative impact on cyber security in real and tangible ways.
We will keep advocating for the safety of India by advocating for the rights of users to use technologies that will secure thier devices. Our submission also benefits from the growing community of supporters and experts includes many from the domain cyber security and their work is incredibly advancing the national interest.
It is our earnest hope that the National Security Council Secretariat considers our submission for a cyber secure India that starts with securing Indians.
- IFF's Submission to India's Cyber Security Policy (link)