Tech policy think tanks asks govt to strengthen cyber security in India Technology policy think tanks and digital freedom advocates have written to the National Security Council Secretariat urging stronger encryption requirements, improved breach disclosure norms and use of open-source software while encouraging free flow of data across borders, as part of suggestions to strengthen cyber security in India.

Last year, the government said it planned to release a new Cybersecurity Strategy to keep up with the changing nature of technologies, platforms and threats. It asked for inputs by January 10 this year, seeking to tackle challenges including data privacy, law enforcement in evolving cyberspace, access to data stored overseas, misuse of social media platforms, international cooperation on cybercrime and cyber terrorism.

Internet Freedom Foundation (IFF) said the policy should promote encryption, protect de-centralised internet, encourage robust data breach reporting mechanisms, prohibit the use of malware and reward the community of security researchers.

Centre of Internet and Society (CIS) said the government must strengthen legal and technical security standards and allow for cross-border sharing of data by focusing on a solution to the Mutual Legal Assistance Treaty process.

To strengthen cyber security, the government should look at improving the processes for disclosing security vulnerabilities to the government by stakeholders, develop incentives for strong cyber security practices such as cyber insurance programmes, certifications and tax incentives, it added.

Software Freedom Law Centre (SFLC) said the government should roll out cyber security awareness programmes for all stakeholders and plan comprehensive cyber security-specific legislations. It said the government should adopt free and open-source software and open standards so that the software used is auditable and verifiable. The government should also partner with various stakeholders, including private sector entities, academia, civil society and independent security researchers, it added.

READ  Just a reminder: We're still bad at securing industrial controllers - The Register



Please enter your comment!
Please enter your name here