Need for a strong cyber-security workforce
Surya Kiran Sharma
Security
forces in India were on red alert as Republic Day approached with all
personnel busy guarding the vital installations and defending the
country’s frontiers. However, little attention was paid to the cyber
space as Pakistani hackers defaced over 2000 Indian websites on January
25, 2014, including that of Central Bank of India. The operation was
called “#OP26jan” and its success reflects the lack of technological
preparedness within the government to deal with such threats.
A
whitepaper issued by The Associated Chambers of Commerce and Industry
of India (ASSOCHAM) in collaboration with private services companyKPMG
on October 15, 2013 has highlighted the lack of cyber security
professionals in the country. India has at its disposal only 556 trained
specialists to tackle cyber threats, a number which dwarfs in
comparison to 91,000 in the United States and 1.25 lakh in China. These
numbers become more relevant considering India has at around 74 million,
the world’s third-largest internet using population, behind China and
the US, and the country also has the world’s third-largest standing
army.India lacked a stand-alone cyber security policy until the National
Cyber Security Policy was launched in July 2013, which remains a draft
document on what the government hopes to achieve. However, little action
has since been taken to achieve the targets and objectives spelt out in
the policy document resulting in a weak institutional structure to
protect the country’s cyber space.
The
Cyber Security Policy 2013 envisions creating a 500,000-strong
workforce of professionals skilled in cyber security and fostering
education and training programmes in the formal and informal sectors.
These figures look difficult to achieve unless the government
collaborates with academic institutions to tap the technical skills of
students at the earliest level.Israel, the undisputed world leader in
using technology for national security and defence, has paved the way
for the establishment of a new model totap the resources available in
universities and integrate those with the efforts of the defence forces
and private companies. The inauguration of the Advanced Technology Park
(ATP) on the campus of the Ben Gurion University in Be’er Sheva, Israel
has facilitated the symbiotic integration of the tech companies in
Israel with the defence forces and the academia, to bridge the gap
between the country’s cyber-security preparedness and the level of
technological sophistication of the forces that have identified internet
as the new dimension of warfare.The ATP plays host to a number of
private tech companies, like Deutsche Telekom and Oracle, who will
collaborate with BGN Technologies, an entity of the University that
commercialises academic research and assists the Israeli defence forces
to secure the country’s cyber domain.
A
report by Cisco published in January 2014 titled Annual Security Report
2014 also highlights the lack of adequate cyber security warriors
available to the government. The report points out that Indian
government websites have been breached over 1000 times in the past three
years and the country is short of over 4 lakh professionals skilled in
cyber security.An important reason for these regular attacks on the
critical national data has been the failure on the government’s part to
attract people with the requisite technical skills and expertise. The
lack of competitive remunerations in comparison to what the private
organisations are willing to pay forces the best minds to shun the
government.
The
government needs to work on capacity building and skill development if
it wants to achieve the target of 500,000 cyber security professionals
in the next five years. As internet becomes the fifth dimension of
warfare after land, air, water and space, necessary steps need to be
taken to develop forces capable of securing the country’s critical and
sensitive information. Special educational institutions providing
courses on cyber security need to be set up across the country with
additional similar programs being run in the existing colleges. Training
should be provided to acclimatise the responsible personnel with the
latest changes in technology and the advancements in cyber domain.
The
Indian Computer Emergency Response Team (CERT-In) has been earmarked as
the umbrella agency to coordinate all cyber emergency and crisis
response efforts and protect country’s software based
infrastructureunder the cyber security policy. However, the government
has sanctioned the creation of the National Cyber Coordination Centre
(NCCC) to assess potential cyber threats and ensure better coordination
between various intelligence agencies. A proposal has also been cleared
to have National Technical Research Organisation (NTRO) take care of key
infrastructure including power, telecommunications, railways and
airport.
The
need of the hour is a nodal organisation that supervises the cyber
security efforts of various agencies involved in protecting India’s
information structure. The armed forces have also been targeting
aCommand Centre on the lines of the US Cyber Command (USCYBERCOM). The
creation of all these institutions requires skilled personnel; a close
partnership with the private sector and the academia is hence essential
to realise the intended goals.
The
concept of “Attack by Stratagem” states that fighting and conquering
all battles is not supreme excellence; it lies in breaking the enemy’s
resistance without fighting.As conflicts move away from battlefields and
onto computers in air-conditioned rooms situated thousands of miles
from the target, there is a need to concentrate efforts on creating
acyber-security force adept at protecting country’s information and
communication data and networks.
The author is an intern at CLAWS. Views expressed are personal.
http://www.claws.in/Need-for-a-strong-cyber-security-workforce-SuryaKiran.html
|
No comments:
Post a Comment