The book “India’s Cybersecurity Policy: Evolution and Trend Analyses”, written by Thangjam K Singh, examines how states of concern, major powers, and middle powers have developed cybersecurity policies globally and contrasts them with the Indian scenario. The book discussed the architecture and implementation of existing cyber laws, policies, guidelines, structures, corporations, and echelons in India. It also emphasises how important it is to implement or enhance new cybersecurity standards to effectively handle cutting-edge technologies like 5G, blockchain, artificial intelligence (AI), big data (BD), the Internet of Things (IoT), and cryptocurrencies.
The book is divided into five chapters. Chapter one is an Introduction titled “Cyber Systems and Trends of Cybersecurity.” Chapter two is “Evolution of Cybersecurity Policies: A Global Perspective.” Chapter three is “The Evolution of Cyber Security Policy in India.” Chapter four is “Trend Analysis of India’s Cyber Security System.” Chapter five is “Conclusions: India’s Cybersecurity Policy: The Way Ahead.”
The first chapter focused on the definition, concept and theories of cyberspace for international and Indian contexts. The development of cybersecurity structures is also covered in this chapter. These are divided into three phases: the first wave, which occurred before 2000, the second wave, which occurred between 2001 and 2020, and the third wave, which occurred in the future or starting in 2021. The first wave of cyberspace is based on the pre-securitisation era, when people started using the Internet and eventually started doing business online. Hacking incidents and other cyberspace-related incidents also occurred in the latter half of this time frame. The early half of the second wave saw a rise in the economy due to e-resources, while state actors engaged in cyberwarfare. The second half of it becomes more complex when cyberspace is completely secured and integrated into national security (by elevating military command and weaponising the domain). Future difficulties are the focus of the third wave, which is a post-securitisation era when threats and insecurity are seen in developing technology.
The second chapter has been divided into six sections, which are mentioned here. Cyberspace concerns have been highlighted as an international safety concern, serving as the foundation for the security policy. It discusses how cybersecurity architecture and the global system are connected. Cyberspace can be regulated by the country that dominates the digital system, and the control of cyberspace may impact the global order. The book outlines the development of cybersecurity according to the phases of productivity, the Internet era, e-commerce, and difficulties and countermeasures. This pattern analysis examines cybersecurity “policy” based on geography and organisations with historical, contemporary, and future patterns. This analysis was divided into three stages: the first addressed the past or before 2000, the second addressed the present or 2001–2020, and the third addressed the future or after 2021. The cybersecurity component of multilateral organisations like the United Nations (UN), the North Atlantic Treaty Organisation (NATO), and the South Asian Association for Regional Cooperation (SAARC).
Chapter three focuses on India’s strategy for dealing with cybersecurity issues, and security/IR theory best suits India’s cyber strategy. Cyberspace’s relationship with India is about the digital economy, social media (communications), politics, diplomacy, and the military, among other things.
India’s realistic theoretical approach to cybersecurity is examined in the first section, where the Indian government has the supreme power to implement regulations and views the field as a platform for power acquisition. It also thinks that private players actively participate in cyberspace as a means of communication and international cooperation. During election seasons, cyberspace has also been employed as a political instrument. Considering China’s and Pakistan’s digital aggression, India increased its cyber command in line with other developed nations like the US, China, and Russia. It aims to take up more space on the global stage for digital diplomacy.
The next session examines how India’s cybersecurity policy has changed over time. It focuses on the history of the Indian IT industry, including establishing the first IT committee and policy (before the introduction of the Internet). The first phase (before 2000), the second phase (2001–2020), and the third phase (beginning in 2021) comprised the three phases that were covered in the chapter above. The chapter’s third section discusses the development of India’s cyber cooperation with other countries. India assists other developing countries in West Asia, Africa, and Central Asia with issues about cyberspace.
Chapter four talks about the PMO and the roles of the seven ministries in India’s cybersecurity framework. The PMO prepares India’s national cybersecurity strategy and makes strategic choices on cyber matters through its National Security Council Secretariat (NSCS). The IT industry and its policies are overseen by the Ministry of Electronics and Information Technology (MeitY). Internet and telecom regulations are the focus of the Ministry of Communication (MoC). The Ministry of Defence (MoD) promotes defence against external cyber threats and develops military doctrines to deal with cyber warfare. To prevent cybercrimes at the national level, the Ministry of Home Affairs (MHA) publishes guidelines. Government guidelines for digital transactions are provided by the Ministry of Finance (MoF). International cyber diplomacy management is under the Ministry of External Affairs (MEA). The Ministry of Science and Technology (MS&T) cannot be completely excluded from the role, even though it is not directly involved in cyberspace security; it carries out research and encourages cybersecurity education.
Chapter five talks about the overview of all four chapters of the book, the author’s views, and their suggestions and future development. This chapter also focused on how India can improve its policies on cybersecurity to deal with future challenges.
The book focuses on the civilian aspect of cybersecurity and government policies. However, the author should have focused on the military element of cybersecurity in India. It must focus on the guidelines and rules for military personnel for exploring the cyber domain. As cyber has become the 4th domain of warfare, the author should have focused on some rules of engagement in cyber warfare and how India should prepare offensive and defensive capabilities in cyber domains. The book covers all aspects of cybersecurity in India from a civilian perspective, but it overlooks the military perspective. As a student of national security studies, the book will be more interesting if the author has covered more on the military perspective of cybersecurity. Ultimately, I would like to conclude by stating that, in today’s era, a country’s military security is only possible with a robust cybersecurity system. The author of the book is an assistant professor in the Department of Defence and Strategic Studies at the Central University of Gujarat.
Disclaimer: The views and opinions expressed by the author do not necessarily reflect the views of the Government of India and Defence Research and Studies
Title Image Courtesy: https://globalbanking.ac.uk/
