NEW DELHI: Capacity building was the core message of the cyber security recommendations unveiled by national security adviser Shivshankar Menon on Monday. The report - "Engagement with Private Sector on Cyber Security" - said the government would introduce specialised "cyber security related curriculum" in engineering and management courses and establish a multi-disciplinary centre of excellence.
The Centre plans to establish an autonomous institution - Institute of Cyber Security Professionals of India - along the lines of the Institute of Chartered Accounts of India ( ICAI) and make "cyber security audits" mandatory for companies by amending the Companies Act.
A recent report by Bloomberg said a "trove" of confidential data had been mined from the computer of Y C Deveshwar, CEO of ITC, for over a year before the company was alerted. In the public sector, less than 20% of the cyber attacks on national security systems are even reported.
Bloomberg quoted security experts to say "networks of major oil companies have been harvested for seismic maps charting oil reserves; patent law firms for their clients' trade secrets; and investment banks for market analysis that might impact the global ventures of state-owned companies." The report identifies four pilot projects including setting up a pilot testing labs, conducting a test audit, study of sample critical information infrastructure and establishment of a multi-disciplinary centre of excellence.
India is only following the lead of countries like the US where secretary of defense Leon Panetta said US needed to work on new laws. Panetta warned of conventional attacks combining with cyber strikes.
"This kind of phenomenon is something we need to learn to deal with. This is something new. The important thing for a democratic society like us is how do we do it while maintaining democratic freedoms," Menon said.