There was another panel discussion at the Telecom Leadership Forum -- From vulnerable to victorious: Building a secure connected future. The moderator was Sukanta Dey, Founder and CEO, Sdela Consulting.
The participants were: Anshuman Tripathi, Member, National Security Advisory Board, Government of India, Dr. Pavan Duggal, Chairman, International Commission on Cyber Security Law and Advocate, Supreme Court of India, and Golok Kumar Simli, Principal Advisor and CTO, Global Passport Seva Program, Ministry of External Affairs, Government of India.
Anshuman Tripathi, Member, National Security Advisory Board, Government of India, said the government's role is in everything. An activity can either be defined as vulnerability or victory. We have to be aware of new technologies that are there, and those coming in. Indian private sector has started looking at the whole world. Estonia is looking at cyber security. Europe is a continent, and India is a country. We are doing multiple things in cyber security.
Need law on cyber security!
Dr. Pavan Duggal, Chairman, International Commission on Cyber Security Law and Advocate, Supreme Court of India added that there is no international cyber law in place. Countries are now coming up with their own national laws regarding cyber security. It was started by China, and is consistently growing. India does not have a cyber security law yet. We have a 30-year old National Policy on Cyber Security. China has come up with new law on GenAI.
Countries have taken leaf out of the USA model. If your actions are impacting cyber security of computers and devices, that is wrong. UN ad-hoc Committee on Cyber Crime is working on developing a new law.
Enabling governance
DPDP was announced in 2023. Golok Kumar Simli, Principal Advisor and CTO, Global Passport Seva Program, Ministry of External Affairs, Government of India, noted that we need to enable the governance model to the last person in the village. We cannot see any difference in terms of demography, literacy, etc. Similarly, any rural farmer or laborer cannot see any difference! When we are enabling such services, along with cyber security, we look at how we have done this. We have enabled every single player in the ecosystem.
We have our own data strategy. First, we need to look at data being collected. Next, we need to collect the data, and we need to take care of the principal owner. Applicability of the data is known to the principal owner. We also have a methodology to keep data safe and secure. We also look at who is accessing your data, and what is he/she doing. We need to have access control. Digital warriors know the digital ethos. Data masking, regular audit of data, etc., are also done. You also need to dispose of data once any data lifeline gets over. We also need to have DR strategy about data. We must comply with the rules of engagement.
Cybercrime on the rise!
Dr. Duggal added that cybercrime is on the rise. You need countries to co-operate in cyber security. India puts in several requests regarding cybercrimes to the USA, but the reply in most cases is not coming easily. Countries need to realize that their collective sovereignty are going to be hampered. In four years, someone come up with super intelligence. Then what do you do? We cannot detect and prosecute any cybercrime without any electronic intelligence. Some have complete immunity as per, say, US laws. Common challenges are also being thrown up by AI. Fear and cybercrime have been weaponized, during and post Covid-19.
Tripathi said we have the trusted telecom bill coming in. You can provide opportunity to see whether it is for global good, or allow nefarious folks to come in. We need more nuanced policies for India. We are becoming part of several global supply chains now. We need to structure the policy with government and private sector interface. Make in India is seeing new impetus. We will see new technologies that are completely developed in India.
Simli added that we have rules of engagement, tools, and technologies. We have workload, workforce, workflow, web, and one more. Once they are intact around the five Ws, you see volume, veracity, and variability of the data. We need to predict, and do things proactively. We need to leverage emerging technologies, such as AI and GenAI. AI may have a weakness, such as adverserial impact of AI. We need to have a holistic approach toward cyber security.