Cybersecurity

India - Cybersecurity overview

Country profile

• ITU’s Global Cybersecurity Index 2020 ranks India at 10th in the world and places it in the category of countries showing ‘high commitment’ to cybersecurity. 

• Acronis’ Cyber Readiness Report 2020 places India as the country facing most cyberattacks in the world, more than double compared to any other country. 

• The Digital Security Council of India’s (DSCI) Cyber Security Task Force (CSTF) Report represents the industry consensus on the policy environment required for Indian cyberspace.   

Policies and initiatives

• India’s National Cyber Security Policy 2013 is a holistic framework “to build a secure and resilient cyberspace for citizens, businesses, and Government”. 

• The Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) detects malicious programs and provides free tools for their removal. 

• Under the Cyber Crime Prevention for Women and Children (CCPWC) Scheme, the Government of India has set up Cyber Forensic cum Training Laboratories and instituted capacity-building programs related to cyber awareness and cybercrime investigation. 

• India has a Cyber Diplomacy Division in addition to a New and Emerging Strategic Technologies Division within its Ministry of External Affairs. 

• India is in the process of formulating a Cyber Security Strategy 2020-2025, with the aim of keeping its cyberspace safe, secure, and as a means of generating prosperity. 

Governance structure

India’s cybersecurity is governed by a range of laws, most notably the Information Technology Act, 2000. India has a dedicated National Cybersecurity Coordinator (NCC) at the National Security Council Secretariat (NSCS), which coordinates between different agencies. The prime agencies in the field are CERT-In, National Critical Information Infrastructure Protection Centre (NCIIPC), and the Indian Cyber Crime Coordination Centre (I4C). Apart from the government, there exists a not-for-profit industry body known as the Data Security Council of India which maintains liaison with the government and regulators.  

Australia - Cybersecurity overview

Country profile

• ITU’s Global Cybersecurity Index 2020 ranks Australia at 12th in the world and places it in the category of countries showing ‘high commitment’ to cybersecurity.
• Acronis’ Cyber Readiness Report 2020 pointed out Australia as facing a general ‘lack of IT support’, even though it did not receive more than average instances of cyberattacks compared to the rest of the world.
• The Commonwealth Scientific and Industrial Research Organisation’s (CSIRO) Cyber Security Roadmap forms the basis for industrial guidance and a scientific evaluation of prospects.

Policies and initiatives

• Australia’s Cyber Security Strategy, 2020, envisions “A more secure online world for Australians, their businesses and the essential services” towards which an investment of $1.67 billion is allocated over 2020-30.
• The 2020 Defence Strategic Update recognises cyber warfare as a key enabler of ‘grey zone activities’, and calls for strengthened cyber capabilities. 
• The Australian Cyber Security Centre is a centralised centre bringing together all government cybersecurity assets and serves as an interface for collaboration and information-sharing.
• The Australian Cyber Security Growth Network (AustCyber) has produced a Sector Competitiveness Plan, which is updated annually, catering to needs and opportunities of different sectors of the economy.
• Australia has a dedicated Ambassador for Cyber Affairs and Critical Technology since 2017, leading Australia’s international engagements in cyberspace and critical technology.
• The Academic Centres of Cyber Security Excellence (ACCSE) program launched in 2016 established Centres of Cyber Security Excellence at the University of Melbourne and Edith Cowan University, respectively. 
• Australia also has the Cybercrimes Act, 2001, which serves as the primary legislation governing cybercrime. Apart from this, the Security of Critical Infrastructure Act, 2018, focuses on sabotage, espionage, and coercion posed by foreign involvement in Australia’s critical infrastructure.

Governance structure

The Australian Cyber Security Centre serves as the lead agency for cybersecurity issues and is a part of the Australian Signals Directorate, a member of the Australian Intelligence Community. Australia also has established the Australian Cyber Security Growth Network (AustCyber), which is an industry facilitation and cooperation organisation aiding the growth of an Australian cybersecurity ecosystem.

Bilateral frameworks for cooperation between India and Australia

• The Australia-India Framework Arrangement on Cyber and CyberEnabled Critical Technologies Cooperation 2020, stipulates that Australia and India will work together to promote and preserve an open, free, safe, and secure Internet, enhance digital trade, harness critical technology opportunities, and address cybersecurity challenges.
• 2020 saw the launch of the four-year $12.7 million Australia-India Cyber and Critical Technology Partnership. This Partnership will create a research and development fund for Indian and Australian businesses and researchers, and support other countries to improve their cyber resilience.
• Under the India-Australia Framework for Security Cooperation, 2014, both countries hold the annual Australia-India Cyber Policy Dialogue, which brings together ministry and agency representatives from both countries. 

Trade and investment opportunity

• The India Economic Strategy to 2035 states cybersecurity as an attractive opportunity for Australian firms to provide commercial services and training in cybersecurity.
• AustCyber’s Cyber Security Sector Competitiveness Plan, 2019, considers cybersecurity as one of Australia’s most promising growth sectors. 
• DSCI’s 2020 report India Cybersecurity Services Landscape - A Global Hub in the Making estimates that the Indian cybersecurity sector would register a high growth rate (~21% CAGR) by 2025 and stresses the role of strategic partnerships with global corporations for developing the entire ecosystem.
• DSCI’s 2019 report Cyber Security India Market estimates that the market for cybersecurity products in India will grow at one and a half times the global rate of growth.
• AustCyber aims at growing a robust Australian cybersecurity ecosystem, exporting Australian cyber solutions, and make Australia a leading centre for cyber education.
• NASSCOM (National Association of Software and Service Companies) is focused on building the architecture integral to the development of the IT-BPM sector through policy advocacy and helps in setting up the strategic direction for the sector. It has set up the Data Security Council of India (DSCI) which is committed to making cyberspace safe, secure, and trusted by establishing best practices, standards, and initiatives in cyber security and privacy. 

Cooperation and collaborations

• The Indian State of Karnataka declared Australia as one of its Key Global Innovation Alliance Partners, in the presence of the Australian Prime Minister who was leading a 150 strong virtual delegation to the Bengaluru Tech Summit 2020. Both governments mentioned cybersecurity as one of the areas of cooperation.
• Indian IT company Wipro launched its NextGen Cyber Defence Centre (CDC) in Melbourne, Australia in 2019. Wipro also plans to launch similar CDCs in other cities in Australia and offer cyber resilience and provide digital protection to large government organisations.
• Deakin University, in partnership with CyRise, runs a Venture Accelerator Program focussed on developing Indian cybersecurity talent.

• The Government of New South Wales in Partnership with the Optus Macquarie University Cyber Security Hub organised an NSW–India Cyber Security Exchange in 2019 whereby 10 NSW cybersecurity start-ups a major business development opportunity in India.
• AustCyber supported a trade delegation of eight Australian firms to discover new export opportunities in India in 2017. This was in succession to a similar delegation sent the previous year.

• India was a partner country of New South Wales in organising CeBIT’s 2012 edition. CeBIT is the largest ICT event in the Asia Pacific and saw a large representation of Indian firms.

• The Australia India Strategic Research Fund (AISRF) established in 2006 supports scientists in India and Australia to collaborate on leading-edge research, which has included cybersecurity-related projects such as:
  • Queensland University and Indian Institute of Technology Madras’ research titled “Protecting Critical Infrastructure from Denial of Service Attacks” in 2008.
  • University of New South Wales and Indian Institute of Science’s research project titled “The Impact of Noise in Quantum Electronics” in 2009.
  • National ICT Australia and Indian Institute of Delhi’s research project titled “Design and Implementation of a Content Distribution Architecture for Remote and Rural Areas” in 2010.
  • University of New South Wales and Indian Institute of Science’s research project titled “The Role of Noise in Quantum Electronics” in 2013.