Topic of the Day – National Cyber Security Policy 2013

  • The National Cyber Security Policy (NCSP) 2013  is a policy framework by the Department of Electronics and Information Technology (DeitY) under the Ministry of Communications and Information Technology (MoCIT).
  • The NCSP underscores the need for the creation of a secure computing environment and generating adequate trust in online systems and networks.

National Cyber Security Policy 2013 Objectives

  • To create a secure cyber ecosystem and build adequate confidence in IT systems and transactions.
  • To strengthen the regulatory framework for ensuring secure cyber ecosystem.
  • To create and enhance mechanisms for monitoring and resolving cyber security threats.
  • To enhance the protection and resilience of the nation’s critical information infrastructure.
  • To create a workforce of five lakh specialists in cyber security over the next five years.

Key Highlights of National Cyber Security Policy 2013

  • To meet with the various objectives of the cyber security policy, here are the strategy that will be put in place.
  • Policy aims at creating a national level nodal agency that will co-ordinate all matters related to cyber security in the country
  • It will encourage organizations to develop their own security policies as per international best practices.
  • The policy will ensure that all organizations earmark a specific budget to implement their security policies and initiatives.
  • Policy plans to offer various schemes and incentives to ensure that proactive actions are taken for security compliance.
  • To create an assurance framework, policy will create conformity assessment and certification of compliance to cyber security best practices, standards and guidelines
  • Policy aims at encouraging open standards that facilitate interoperability and data exchange among different IT products and services.
  • A legal framework will be created to address cyber security challenges arising out of technological developments in cyber space.
  • The policy also plans to enforce a periodic audit and evaluation of adequacy and effectiveness of security of Information infrastructure in India. The policy will create mechanisms to get early warnings in case of security threats, vulnerability management and response to the security threats thereof
  • A 24X7 operational national level computer emergency response team (CERT-in) will function as an umbrella organization that will handle all communication and coordination in deal with cyber crisis situations.
  • To secure e-governance services, policy will take various steps like encouraging wider usage of Public Key Infrastructure (PKI) standards in communications and engagement of expert security professionals / organizations to assist in e-governance.
  • The policy will encourage and mandate use of tested, validated and certified IT products in all sensitive security areas
  • The policy also plans to undertake and invest in various R&D programs in area of national cyber security.

Also see: