Cyber security has attracted attention of various stakeholders in India. These include Indian government, companies, individuals, banks, etc. Perry4Law Organisation (P4LO) has already provided the Indian Cyber Security Trends 2017 and interested stakeholders may read the same for in-depth analysis of cyber security position that may emerge in India in 2017.
In this article, Perry4Law’s Techno Legal Base (PTLB)would provide a summary of cyber security trends of India 2017 that may emerge in the year 2017.
(1) Digital India Security: Security of digital India project is of utmost importance as many online services are based upon it. The year 2016 did not see much work in this regard and digital India remained an insecure project that lacked cyber security capabilities. It has now become indispensable for the Indian government to ensure cyber security for digital India in 2017 as without cyber security most of government’s projects would create more trouble than solution.
(2) Digital Payments: The thrust upon digital payments without adequate cyber security is a really troublesome notion. The entire digital payment and online banking system of India is vulnerable to cyber attacks and cyber thefts. Whether it is debit/credit cards, mobile wallets, online banking or any other proposed e-banking option; they are very much vulnerable to sophisticated cyber attacks. Indian banks and digital payment providers are clearly not equipped to deal with the cases of cyber attacks and cyber crimes that are going to increase in 2017.
(3) Ransomware: Ransomware emerged as one of the top nuisances in the year 2016. Ransomware attacks would further increase in 2017 in India. As India is moving towards a data nation, locking of the same would be catastrophic. We have little defense against ransomware in India as on date and businesses may feel helpless and prone to litigations once they are hit by it.
(4) Smart Cities Security: Indian government is all set to establish smart cities in India. Many smart cities were approved in the year 2016 and work upon them may start in 2017. Indian government has considered all aspects of smart cities managements and PTLB hopes that cyber security of smart cities in India must also have been considered along with possible legal issues that may arise.
(5) IoT Security: Internet of things (IoT) received positive response in India in 2016. Many national and international stakeholders have shown interest in IoT driven services. Of course, at this stage most of them are just exploring as techno legal issues are still not clear. However, what is clear is that IoT services require strong cyber security and civil liberties protection that was missing in 2017. That may be natural as well as IoT is still evolving in India and PTLB hopes that IoT would be able to manage cyber security, civil liberties and data security aspects in the year 2017.
(6) Cloud Computing Security: Cloud computing is comparatively well received concept in India. In fact, companies and individuals have been investing in cloud computing ventures even before 2016. However, many of our clients were apprehensive in launching a full fledged cloud computing business. This is largely due to the fact regulatory and technological aspects are still not clear to them. In the absence of clarity about these aspects, cloud computing witnessed a limited growth in 2016. The year 2017 may see better growth for cloud computing businesses.
(7) Aadhaar: Aadhaar project was pushed very rigorously by Indian government in the year 2016 even by indulging in contempt of court. However, little efforts were undertaken by Indian government to protect civil liberties and cyber security issues of Aadhaar. For projects like digital India and Aadhaar, cyber security laws are urgently needed but they remained missing in 2016. The year 2017 may see some positive development in this regard.
(8) Critical Infrastructure Protection: Indian government has hinted towards launch of botnet and malware cleaning centers in the year 2017. This is a positive development as it would help in critical infrastructure protection (Pdf) in India. Indian government has also been formulating guidelines and regulations ensuring protection of protected systems and critical infrastructures from time to time. The National Critical Information Infrastructure Protection Centre (NCIIPC) has also been working in the direction of protecting Indian critical infrastructures. PTLB strongly recommend that NCIIPC must be formally launched by Indian government with clear cut functions and responsibilities. This did not happen in 2016 and 2017 may see some development in this regard.
(9) Healthcare Security: With increasing use of ICT for healthcare, India needs a robust healthcare cyber security. This must be supplemented with adequate privacy safeguards and effective data protection. In 2016 Indian government failed to ensure cyber security, data protection and privacy protection for healthcare industry. They year 2017 may also see little efforts in this direction from government’s side.
(10) Banking Security: Banking cyber security is an area where Indian government must work a lot. Financial transactions and digital payments in India are vulnerable to diverse cyber attacks and cyber crimes. Banks are ill equipped to deal with sophisticate cyber crimes and cyber attacks. Bank customers have little recourse against the guilty banks and digital payment service providers who have neglected in ensuring cyber security. This is happening even after a cyber security framework has been prescribed by Reserve Bank of India (RBI) that is mandatory to follow by Indian banks. However, despite the passing of the September 2016 deadline, banks have not made their systems cyber secure. Indian government may force banks to follow cyber breach disclosure norms and put in place adequate cyber security in 2017.
(11) Cyber Litigations: Cyber litigations are going to increase in the year 2017 in India. Increase in cyber crimes and cyber attacks in 2016 are a hint of the same. Till now cyber awareness among people is not high. Once they are aware of their cyber rights, they would enforce the same. However, law enforcement agencies of India must be modernised and they must develop good cyber crime investigation and cyber forensics capabilities.
(12) Cyber Insurance: Cyber insurance business would see a big growth in the year 2017 due to increased cyber crimes and cyber attacks. Already many businesses have opted for cyber liability insurance in the year 2016. However, there are certain techno legal issues of cyber liability insurance that must be kept in mind by both insurance companies and insured. The year 2017 may also see entry of new players, startups, entrepreneurs, etc in the field of cyber insurance.
(13) Blockchain: Many stakeholders explored use of blockchain and bitcoin in the year 2016. Indian government and Reserve Bank of India (RBI) are also analysing blockchain and bitcoin and its possible usages. However, no clear picture emerged in the year 2016 in this regard. Also issues of techno legal regulatory compliances and legality of bitcoin in India are still unresolved. The year 2017 may see some positive developments built around blockchain and bitcoin.
We hope our readers and various stakeholders would find the cyber security trends of India 2017 by PTLB useful.