Cyber crime: There is not a single institution where the buck stops

Around 1.3 billion Indians have a unique digital identity; 750 million use smartphones and 800 million use the internet. The world’s biggest public information infrastructure needs a fortress to secure its cyberspace from armies threatening to weaponise data and digitally colonise nations.

Today, there are many hands holding bricks, but the foundation is yet to be laid. In July, 2019, a taskforce was set up under Rajesh Pant, a retired lieutenant general and national security coordinator, to draw up a national cybersecurity strategy. The strategy, which has taken shape on paper and is awaiting the cabinet nod, proposes to create a national architecture that brings all arms dealing with cybersecurity under one umbrella organisation.

Since 2013 the entire cyber landscape has changed. Earlier, the Indian Computer Emergency Response Team (CERT-IN) was the only agency issuing alerts and training experts. Now more than half a dozen agencies exist, and the right hand does not know what the left hand is doing sometimes.

The National Critical Information Infrastructure Protection Centre (NCIIPC) protects critical infrastructure; the Defence Cyber Agency—headed by Mohit Gupta, a rear admiral—is the first joint cyber group of the tri-services, with nearly 150 experts handling cyberthreats for military establishments. The ministry of home affairs runs the Indian Cyber Crime Coordination Centre, which is setting up regional and district cybercrime cells to act as nodal points for quick registration of crimes. The ministry of electronics and communication runs the Cyber Swachhta Kendra, separately for botnet cleaning and malware analysis. For cross-border breaches, the cyber diplomacy wing of the ministry of external affairs comes in handy.

India is not the only…