Opinion | We should offer to safeguard the world’s telecom networks
4 min read . Updated: 02 Feb 2020, 10:41 PM ISTIndia should grab cybersecurity opportunities instead of focusing on smaller issues like import tariffs during Trump’s visit
As The Intersection argued earlier this month, on 19 January, technology will be an important front in the emerging trade war between the US and China. As much as this will disrupt the world economy, it will create significant opportunities for India as global supply chains re-adjust to geopolitical pushes and pulls. The immediate opportunity is in across-the-board manufacturing, especially if the Narendra Modi government puts in place a special task force to unclog the regulatory cholesterol that currently limits how much foreign direct investment can flow into the country. At the very least, the Centre must reverse the disturbing trend of top government officials snubbing foreign investors and promoting ideas like import substitution that failed India in the past.
Beyond manufacturing, the unfolding US-China technology war is creating opportunities for India in the cybersecurity space on a scale that could match Y2K.
Last week in the UK, the Boris Johnson government faced down both the US and hardline segments of the Conservative party to allow Huawei and other Chinese vendors a role in equipping Britain’s 5G communications networks. It is a carefully constructed middle path: “high risk vendors" will not be permitted in its core networks and restricted to less than 35% of the equipment base of each telecom operator. High-risk vendors will also be subject to higher levels of regulatory and security oversight. Operators are expected to have the ability to switch away from such vendors should the government so require. It is possible that the British have done their sums right and such a model will indeed balance national security and industry economics. Across the pond, however, some administration officials and politicians in Washington have threatened that if Huawei is in, Britain will be out of the “five eyes" intelligence partnership that the US has with its closest allies.
Even as the US tries to persuade the UK to change its stance on Chinese telecom equipment vendors, the European Union is likely to adopt some variant of the British approach. This means Chinese-made equipment will be deployed across EU countries, but under a tighter surveillance, audit and assurance regime.
Given that 5G networks will employ many more base stations than existing networks, and the internet of things (IoT) is set to bring billions of connected sensors and devices online, tightening security norms will require both telecom firms and their customers to employ a lot of cybersecurity professionals in a wide range of roles, of varying levels of sophistication and sensitivity. The problem is: the world is already short of cybersecurity professionals. Even before 5G networks are rolled out, estimates suggest that there are 2 to 3 million unfilled cybersecurity vacancies around the world. The more stringent the security regimes around Chinese vendors, the greater the demand for cybersecurity professionals.
To be sure, the industry is responding to this shortage by employing more automation. Even so, the demand for trustworthy, reliable and competent human beings to keep an eye on cyber threats will only increase. Where can you find hundreds of thousands of technology professionals who might be able to fill this gap? In India and China. Since Chinese firms and individuals are unlikely to be chosen to keep an eye on Chinese equipment makers and state-linked cyber attackers, it is advantage India.
Unfortunately at this time, India doesn’t have adequate numbers of cybersecurity professionals either. Industry leaders have drawn attention to the problem, the government has launched a skills initiative to plug the shortage, but we’re far away from addressing our own cybersecurity needs. Getting people trained to be effective cyber security professionals is not as simple and straightforward as teaching them to be good programmers. Yet India has all the necessary conditions to become as big a player in the global cybersecurity market. We have the numbers, we have the companies and we have the market-driven economic models that can produce the skills that the industry wants. Let’s not forget that during the 1990s’ information technology boom, India produced hundreds of thousands of software engineers not because of any government skills development programme, but because private firms popped up and supplied the skills that people and their employers wanted.
So just like in the Y2K days, there is a global demand for high-skilled technology professionals that India can fill. Unlike the Y2K days, though, the global demand for cybersecurity professionals has entry barriers that firms and individuals cannot easily cross on their own. Government-to-government arrangements can help Indian firms and individuals get clearances for cybersecurity roles. Ergo, New Delhi will have to work on developing cybersecurity partnerships with the US, UK and the EU, focused on opening up their markets to Indian firms. The latter, for their part, must work on gaining the trust of the West’s national security establishments.
The Modi government should use US President Donald Trump’s upcoming visit to propose a cybersecurity cooperation initiative that brings Indian technology firms into Washington’s circle of trust, and their US counterparts into the Indian market. Instead of expending political capital on small issues like import tariffs, New Delhi should go for the massive opportunities arising from the US-China tech war. Cybersecurity in the 5G era ranks at the top of that list.
Nitin Pai is co-founder and director of The Takshashila Institution, an independent centre for research and education in public policy.
