India Last Updated: March 2021

CYBERSECURITY POLICY

Strategy Documents

(in progress) National Cyber Security Strategy

Government of India (GoI)
Source Source 2
November 2020

Basic Doctrine of the Indian Air Force

Indian Air Force

Makes the case for cyber warfare as an attractive low cost war-waging model;
Offensive cyber warfare can be conducted across the entire range of military and nonmilitary operations to achieve national objectives;
Evaluates cyber warfare and information warfare seperately.

Source Source 2
2012

Land Warfare Doctrine (LWD) 2018

Indian Army

Refers to cyber warfare as a sub-category of information warfare;

Indian Army will develop capabilities to carry out Information Warfare Operations over the "entire spectrum of conflict”;
Stresses that all elements/forces must retain the capability to fight through a disruptive cyber warfare domain environment and that Indian Army
will upgrade its cyber warfare capabilities.

Source
2018

National Information Security Policy and Guidelines v5.0

Ministry of Home Affairs

The Ministry of Home Affairs directed to update this policy in June 2018;
Not available to the public anymore as of February 2019;
Highlights information security best practices for public sector audiences, focusing on eight domains:

1. Network security;
2. Identity and access management;
3. Physical security;
4. Application security;
5. Data security;
6. Personnel security;
7. Threat management; and
8. Incident management.

Source Source 2
9 October 2014

National Cyber Security Policy

Ministry of Electronics and Information Technology

Covers the whole spectrum of ICT users and providers, incl. Government and non-Government entities;
Acts as India's main cyber security strategy;
Outlines several main goals, including strengthening regulatory framework; increasing capacity for developing indigenous cybersecurity
technology; creating a culture of cyber security; and building workforce of 500,000 experts in cybersecurity.

Source Source 2
 India Last Updated: March 2021

2 July 2013

Indian Army Doctrine

Ministry of Defence

Mentions that cyber and information warfare are major challenges;

Includes a wider chapter titled "Information Warfare".

Source Source 2
2004

Implementation Frameworks

Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules
Ministry of Electronics and Information Technology

Lays down rules regarding privacy and data security, including:

Restrictions on collection of personal data by corporations;

Standards of personal information disclosure;
Establishment of guidelines for determining whether or not organization is compliant with previous regulations.

Source
11 April 2011

STRUCTURE

National Centre or Responsible Agency

National Critical Information Infrastructure Protection Centre (NCIIPC)

Government of India
One of the functions and duties: to protect and deliver advice that aims to reduce the vulnerabilities of critical information infrastructure, against cyber
terrorism, cyber warfare and other threats
Source
16 January 2014

Key Positions

National Cyber Security Coordinator, Prime Minister's Office

Source Source 2

Joint Secretary for Cyber Diplomacy

Cyber Diplomacy Division, Ministry of External Affairs
Source Source 2

Additional Secretary
National Emerging and Strategic Technologies Division, Ministry of External Affairs
Source
 India Last Updated: March 2021

Dedicated Agencies and Departments

Ministry of Electronics and Information Technology

Government of India

To promote e-Governance for empowering citizens, promoting the inclusive and sustainable growth of the Electronics, IT & ITeS industries,
enhancing India’s role in Internet Governance, adopting a multipronged approach that includes development of human resources, promoting R&D
and innovation, enhancing efficiency through digital services and ensuring a secure cyber space.

Source Source 2
July 2016 (separated from the Ministry of Communications and Information Technology)

National Security Council Secretariat

Established as the central coordinating body for cybersecurity and internet governance (potomac document, p.7).
Source

Cyber Swachhta Kendra

Ministry of Electronics and Information Technology

Botnet Cleaning and Malware Analysis Centre

Part of the Government's Digital India Initiative under the Ministry of Electronics and Information Technology.

Source
February 2017

Cyber and Information Security Division (C&IS)

Ministry of Home Affairs

Division dealing with matters relating to Cyber Security, Cyber Crime, National Information Security Policy & Guidelines (NISPG) and
implementation of NISPG, and others;
Comprises a Cyber Crime Wing, Cyber Security Wing, Information Security Wing, and a Monitoring Unit.

Source

National Technical Research Organisation

Government of India

Technical intelligence agency set up under the National Security Advisor in the Prime Minister's Office;
Develops technology capabilities in aviation and remote sensing, data gathering and processing cyber security, strategic hardware and strategic
monitoring;
NCIIPC comes within NTRO’s ambit.

Source
2004

New Emerging and Strategic Technologies Division (NEST)

Ministry of External Affairs

To engage in technology diplomacy and deal with the foreign policy and international legal aspects of new and emerging technologies.
The Division will function under the supervision of a Head of Division.
It will enable more active participation of India in global forums in the area of technology governance and promoting the national interests of India
in that context.

Source
 India Last Updated: March 2021

2020

Indian Cybercrime Co-ordination Centre (I4C)

Ministry of Home Affairs

Acts as a nodal point in the fight against cybercrime and undertakes a variety of activities including the co-ordination of all activities related to
implementation of Mutual Legal Assistance Treaties (MLAT) with other countries related to cybercrimes in consultation with the concerned nodal
authority in MHA.

Source
2020

National CERT or CSIRT

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Serves as national agency for incident response (Information Technology Act 2000, Section 70B);
Governmental CERT.

Source Source 2
January 2004

LEGAL FRAMEWORK

Legislation

Information Technology Act 2000 (IT Act 2000)

Established the NCIIPC and the CERT.

Amended by the IT (Amendment) Act 2008, passed by both the houses of Parliament on December 23, 2008.

Source Source 2
9 June 2000 (adopted); 23 December 2008 (last major amended)

COOPERATION

UN Processes

Expressed Views at the Open-Ended Working Group on Developments in the Field of Information and Telecommunications in the Context
of International Security

Source Source 2

Expressed views to the Annual Report of the UN Secretary-General on Developments in the Field of Information and Telecommunications
in the Context of International Security

Source
2016

Represented at the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context
 India Last Updated: March 2021

of International Security

Source
2004, 2009, 2012/2013, 2016/2017, 2019/2021

Bilateral and Multilateral Cooperation

Joint Statement on a Comprehensive Strategic Partnership between Republic of India and Australia

Both countries jointly decided to work together in the areas of digital economy, cyber security and critical and emerging technologies as identified
by the Framework Arrangement on Cyber and Cyber-Enabled Critical Technology Cooperation;
This included the Australia-India Cyber and Critical Technology Partnership (AICCTP) grants looking to "shape international discourse on cyber and
critical technologies, particularly through strengthening understanding of ethical frameworks and supporting research and development of
technical standards for emerging and critical technologies."

Source Source 2
2020

Memorandum of Cooperation in the Field of Cybersecurity between India and Japan

The MoC will enhance cooperation in areas of mutual interest, which include inter-alia, capacity building in the area of cyberspace; protection of
critical infrastructure; cooperation in emerging technologies; sharing information on cyber security threats/incidents and malicious cyber
activities, as well as best practices to counter them;
Developing joint mechanisms for practical cooperation to mitigate cyber threats to the security of Information Communication Technology (ICT)
infrastructure, etc.

Source
2020

MoU between the Government of the Republic of India and the Government of the State of Israel on Cyber Security Cooperation

The MoU envisages cooperation in the field of cyber security to develop, promote and expand cooperation in the field of HRD through various
platforms and arrangements such as training programmes, skill development, and simulator based hands-on training.
It also envisages collaborating in the field of cyber security resilience, promoting B2B cooperation in cyber security and facilitating industrial
summits.

Source
2018

India-EU Cyber Dialogue (Sixth)

India and EU discussed various areas of cooperation in the cyber space including contemporary matters; multilateral and regional cooperation on
stability in cyberspace at UN platforms in GGE, OEWG, or in Regional settings including relevant discussions at OSCE and ARF; EU Cyber
diplomacy toolbox; Cooperation on Cybercrime and Capacity building therein; Contemporary issue and exchanges on cyber policies; Internet
Governance; New Emerging cyber-related technologies.

Source
14 December 2020

Australia-India Cyber Policy Dialogue (Third)

The Dialogue provided the opportunity to discuss current and emerging cyber security issues including emerging ICT technologies, national
approaches to cyber security policy and legislation, international issues including the respective views on the UN Group of Governmental Experts
and Open Ended Working Group, critical technologies, and cooperation to address cybercrime.

Source
2019
 India Last Updated: March 2021

India-Japan Cyber Dialogue (Third)

Japan and India shared views that ensuring cyber security enhances each nation’s security, socio-economic activities, and people’s daily lives, and
both sides reaffirmed their commitment to an open, free, secure and stable cyber space.

Source
2019

Memorandum of Understanding, India-Singapore

CERT-IN

Extension of the Memorandum of Understanding between SINGCERT and CERT-IN.

Source
1 June 2018

Consultations, Russia-India
Deputy National Security Adviser; National Cyber Security Coordinator
Second round of consultations pursuant to the Bilateral Agreement signed on 15 October 2016.
Source
15-16 February 2018

India-Japan Cyber Dialogue (Second)

Ministry of External Affairs
Discussing domestic cyber policy landscape, cyber threats and mitigation, mechanism on bilateral cooperation and possible cooperation at various
international and regional fora
Source
18 August 2017

Australia-India Cyber Policy Dialogue (Second)

Ministry of External Affairs
Reaffirmed commitment to an open, free, secure, stable, peaceful and accessible cyberspace enabling economic growth and innovation and reiterated
support for the multi-stakeholder approach to internet governance
Source Source 2
13 July 2017

Memorandum of Understanding, India-Spain

Government of India
Cooperation in cyber security
Source
31 May 2017

Joint Declaration of Intent on German-Indian Cooperation on Cyber Policy

Ministry of External Affairs

Joint declaration with specified measures to be implemented in the spheres of cyber foreign policy, IT security, and cybercrime.

Source
30 May 2017

Memorandum of Understanding, India-Palestine

 India Last Updated: March 2021

Ministry of Electronics & Information Technology

Co-operation in the areas of e-Governance, m-Governance, e-Public Services Delivery, cyber security, software technology parks, start-ups ecosystem etc
Source
16 May 2017

Memorandum of Understanding, Bangladesh-India

Ministry of Electronics & Information Technology
Promote cooperation between CERT-In and BGD e-Gov CIRT and includes exchange of information on Cyber attacks and cyber security incidents
Source Source 2
8 April 2017

Memorandum of Understanding, India-Indonesia

Minister of State for Home
Enhancing cooperation in cyber security and intelligence sharing
Source
14 March 2017

Memorandum of Understanding, India-Vietnam

CERT-In
Promote closer cooperation for exchange of knowledge and experience in detection, resolution and prevention of cyber security-related incidents between
India and Vietnam
Source
18 January 2017

Joint Working Group on Security, India-Kenya

Head of State

Proposal for group with specific focus on cyber security

Agreed to continue sharing information and expertise in the field

Source
10-12 January 2017

Memorandum of Understanding, India-U.S.

Ministry of Electronics and Information Technology
Promote closer co-operation and the exchange of information between CERTs
Source
11 January 2017; 19 July 2011 (previous)

Protocol on Technical Cooperation in Cyber Space and Combating Cyber Crime between the Ministry of Home Affairs of the Republic of
India and the Ministry of Interior of the State of Qatar
Department of Electronics and Information Technology
Dimension of bilateral Technical Cooperation in Cyber Space and Combating Cyber Crime to the existing framework agreement in the field of security
signed on 10 November 2008.
Source
3 December 2016

Bilateral agreement, India-Russia

Government of the Republic of India
Bilateral Agreement on Cooperation in ensuring security in the use of Information and communication technologies.
Source
 India Last Updated: March 2021

15 October 2016

Memorandum of Understanding, India-Serbia

Ministry of Electronics & Information Technology

Enhance cooperation for using IT as a tool to improve public service delivery i.e. e-learning, e-government services, telemedicine, e-education, e-
authentication, cyber security, internet-governance, e-commerce etc

Source Source 2
13 October 2016

India-Belgium Joint Statement

Prime Minister
Welcomed the ongoing negotiations to cooperate in the area of ICT and Electronics, including in cybersecurity.
Source
30 March 2016

Memorandum of Understanding, India-U.K.

CERT-In
Exchange of knowledge and information on cyber attacks, response to cyber security incidents, between CERTs
Source
May 2016

India-Saudi Arabia Joint Statement

Head of State
Promote cooperation in cyber security, including prevention of use of cyber space for terrorism, radicalization and for disturbing social harmony
Source
3 April 2016

Memorandum of Understanding, India-UAE

Ministry of Home Affairs
Technical cooperation in cyber space and combating cyber-crime
Source
February 2016

Memorandum of Understanding, India-Uzbekistan

CERT-In
Cooperation in the area of Cyber Security
Source
25 January 2016

Memorandum of Understanding and Joint Statement, France-India

Head of State
Increased cooperation between the Indian and French Armed Forces in the fields of cybersecurity, Special Forces and intelligence-sharing to tackle the
common threat of terrorism
Source
25 January 2016

Memorandum of Understanding, India-Singapore

 India Last Updated: March 2021

CERT-In
Establish formal cooperation in cyber security between the Singapore Computer Emergency Response Team (SingCERT) and the Indian Computer
Emergency Response Team (CERT-In)
Source
23 November 2015

Memorandum of Understanding, India-Malaysia

CERT-In
Cooperation in the area of Cyber Security
Source
23 November 2015

Memorandum of Understanding, India-Jordan

Indian Ministry of Communications and Information Technology
Cooperation in the field of Information Technology and Electronics
Source
11 October 2015

Joint Statement for India-Mongolia Strategic Partnership

Head of State
India pledges to help set up a cyber security centre in Mongolia's defence and security establishment
Source
17 May 2015

Memorandum of Understanding, Canada-India

Indian Ministry of Communications and Information Technology
Cooperation in the field of Information Communication Technology and Electronics
Source
April 2015

Global Forum on Cyber Expertise, Member

A global platform for countries, international organizations and private companies to exchange best practices and expertise on cyber capacity building

Source
2015 (established)

Memorandum of Understanding, Estonia-India

Ministry of Communications & Information Technology
Cooperation in the field of capacity building in the sphere of E-Governance
Source
6 February 2014

Memorandum of Understanding, India-Republic of Korea

CERT-In
Cooperation in the field of cyber security; also high-level agreement to hold Policy Consultations on Cyberspace
Source
17 January 2014
 India Last Updated: March 2021

Memorandum of Understanding, Egypt-India

Ministry of Communications & Information Technology
Cooperation in cyber security
Source
19 March 2013

Memorandum of Understanding, Indo-Brazil-South Africa (IBSA) Forum

Framework for cooperation on the Information Society
Source
13 September 2006

Proposal for India-Ireland Working Group on Information Technology

Ministry of Communications & Information Technology
Proposal for India-Ireland Working Group on Information Technology, between the Indian MC&IT and the Irish Minister for Enterprise Trade and
Development.
Source
April 2000

Membership

Commonwealth

International Telecommunications
Union (ITU)

Shanghai Cooperation Organisation

(SCO)

United Nations (UN)