Tuesday 12 April 2011

Indian Computer Security Policy Is Required

Computer security in India is not taken seriously either by the individuals or by the government departments. Even if some people think about computer security, it is mostly confined to installing an anti virus and at most a firewall. Further, even anti virus software are not regularly updated and this results in an outdated virus definition and signatures.

We also have no cyber law policy in India, cyber crime policy in India, national cyber security policy in India, telecom security policy in India, encryption policy of India and so on. So on the policy front, India has performed extremely poor. Any field that is not supported by any policy or strategy is bound to fail and computer security in India is one such area.

National Security Policy of India is urgently required and Computer Security Policy of India must be an essential part of the same, says Praveen Dalal, managing partner of New Delhi based Law Firm Perry4Law and leading techno legal expert of India. Increasing Computer Security Readiness with Adaptive Threat Management is need of the hour, suggests Dalal. Further, Measurement of ICT Resilience and Robustness on regular basis is also required, suggests Dalal.

Even computer security research and development in India is lacking. We have a single and exclusive techno legal computer security research, training and education institution of India. The same is managed by Perry4Law and Perry4Law Techno Legal Base (PTLB). It is managing issues like cyber law, computer security, cyber war, cyber espionage, cyber forensics, etc.

A sound and effective computer security policy of India requires dedicated and committed efforts. Presently, we have neither computer security laws in India nor effective mechanisms to safeguard our cyberspace from cyber attacks. India is facing growing threats of cyber attacks and its cyberspace is highly vulnerable.

Even issues like cyber terrorism in India, cyber espionage in India, critical infrastructure protection in India, critical information infrastructure protection in India, etc have not received attention of Indian government. The national ICT crisis management plan of India is still missing. In fact, Indian crisis management plan for cyber attacks and cyber terrorism is still not ready. India needs to plug in these crucial computer security gaps as soon as possible.