Govt’s decision to run a security audit is sound; it also needs to invest more in cybersecurity

However, if China’s attempts to hack are a security threat, then these audits must be mandated for all departments, and at periodic intervals.

Also, India needs a coordinated cybersecurity approach

On Monday, the department of telecommunication (DoT) asked all its web portal and websites to conduct a security audit against the threat of attacks from servers based out of China. As per the Indian Express, the department has also asked web portals and websites to upgrade only security and system used by officials in the ministry. It has also submitted a report to the Indian Computer Emergency Response Team (CERT-In). While the government has been asking companies to upgrade their cybersecurity infrastructure, this paper has argued that the government, which is the largest repository of user data, do the same. The attempt by DoT, thus, is a welcome one.

However, if China’s attempts to hack are a security threat, then these audits must be mandated for all departments, and at periodic intervals. Also, India needs a coordinated cybersecurity approach. Last year, the attack on the Kudankulam Nuclear plant exposed fissures in India’s cybersecurity plan. Despite the government talking about a cybersecurity strategy for years now, it is yet to release the 2020 document. Upgradation of technology infrastructure and systems would mean little if the country cannot have a coordinated cybersecurity policy, which can help alert different departments at the time of an attack. India, at present, has 36 departmental agencies besides CERT-In, and each state has its own body. Structures across are different. India needs a single umbrella organisation if it is to stave off any credible threats or ensure that all systems do not get affected at once.