The objectives of the Policy include: (a) setting up of an effective mechanism to obtain strategic information relating to cyber threats; (b) protection of Critical Information Infrastructure; (c) creation of a skilled workforce in cyber security; (d) protection of data during transit; (e) effective prevention, investigation and prosecution of cyber crimes; and (f) creation of a global understanding and cooperation on cyber security.
As per the Policy, the foremost strategy is to create a secure cyber ecosystem by providing for a nodal agency to coordinate cyber security matters, encourage companies to designate a senior member as “Chief Information Security Officer” and promote organizations to develop information security policies. Other strategies involve conformity with global best practices and certification to the various standards, strengthening of the regulatory framework and periodic review against emerging threats. The Policy talks about the operation of a national level body called the Computer Emergency Response Team (CERT-In) to coordinate all efforts relating to cyber security and work as an umbrella organization.
PSA view – The Policy will be operational by way of detailed guidelines and plans of action at various levels such as national, state, enterprise, ministry etc. It will not only help in creating awareness among organizations but also make them more conscious towards cyber security and threats. Pursuant to enforcing the Policy, the Department of Information and Technology also seeks to form a body named National Critical Information Infrastructure Protection Centre. This will seek to operate as a nodal body for protection of critical information infrastructure.
TSDSI set up in India
The Ministry for Telecom & IT and the Department of Telecommunications approved the set up of the first TSDSI, which was part of the National Telecom policy of 2012. The TSDSI will operate as an industry led autonomous not-for-profit standard development organization for telecom products and services in India and will see effective participation from the government, R&D centers, telecom service providers, vendors and academia to come up with a consensus on the standards that meet national requirements. Its initial focus will be primarily be on energy efficiency, telecom security, terminals and devices- handsets, tablets, dongles, backhaul and data compression technologies.
PSA view – The industry required such a body, which could do the essential R&D and analyze the Indian requirements and global best practices to customize and formulate standards in telecom. This will also help in integrating the Indian practices with the internationally accepted standards.