“NATIONAL CYBERSECURITY

POLICY,2013”

SESSION 2024-2025
DEPARTMENT OF POLITICAL SCIENCE
J.S.HINDU P.G. COLLEGE ,AMROHA

SUBMITTED TO SUBMITTED BY

DR.MANMOHAN SINGH TANZEEM

(HOD) M.A.3RDSEMESTER
(POLITICAL SCIENCE )

1
 CERTIFICATE

This is to certify that the ASSIGNMENT titled

“NATIONAL CYBERSECURITY POLICY,2013 “
completed by TANZEEM D/o ADIL QURESHI M.A 3RD
SEMESTER POLITICAL SCIENCE roll no.249108050337
is genuine and original ,done with honestly and
dignity.
No copyright of anyone seems being violated .
All helping sources have assigned their due credit .

SIGNATURE:
NAME : DR MANMOHAN SINGH
DESIGNATION: HOD/INRG
DEPARTMENT: POLITICAL SCIENCE
COLLEGE : J.S. HINDU (P.G.)COLLEGE
AMROHA AFFILIATED TO M.J.P.ROHAILKHAND
UNIVERSITY ,BAREILLY

2
 DECLARATION

I TANZEEM D/O ADIL QURESHI student of

M.A (POLITICAL SCIENCE) semester 3RD
roll no .249108050337 declare that the
ASSIGNMENT “NATIONAL CYBERSECURITY
POLICY 2013” completed by me is
genuine and original.
No copyright of anyone has been
violated
All helping sources have been assigned
their due credit .

Signature:

3
 ACKNOWLEDGEMENT

The success and final shape of this ASSIGNMENT required a

lot of effort, guidance and support from many people. I feel
privileged to have got this all along the completion of my
assignment on “national cybersecurity policy 2013”. I priorly
thank to god for giving me blessings on me especially for my
assignment ,secondly to my teacher, DR MANMOHAN
SINGH (HOD) for giving me an opportunity to do this
assignment and providing me all the support and guidance due
to which this assignment is completed on time. I would like to
extend sincere regards to my Parents and my close friends for
their encouragement and for their timely support and guidance.

TANZEEM
M.A 3rd SEMESTER POLITICAL SCIENCE

4
SR CHAPTERIZATION PAGE
NO NO.

1. INTRODUCTION 6

2. BACKGROUND AND SCOPE 6

3. INDIA’S CYBERSECURITY POLICY 6-7

4. WHAT IS CYBER SECURITY ? 7

5. NATIONAL CYBERSECURITY POLICY ,2013 7-8

6. NEED FOR A NATIONAL CYBER SECURITY STRATEGY 8-9

7. OBJECTIVES OF NATIONAL CYBER SECURITY POLICY 9

8. GLOBAL IMPLICATIONS 10

9. INTERNATIONAL LAW AND CYBERSECURITY 10-11

10. INDIA’S MULTILATERAL ROLE 11

MAIN COMPONENTS OF THE NATIONAL CYBER
11. SECURITY STRATEGY 12-13
CONCERNS ASSOCIATED WITH NATIONAL CYBER
12. SECURITY POLICY 2013 13-14
CYBER SECURITY POLICY IN INDIA’S DIGITAL
13. LANDSCAPE 14

14. THE WAY FORWARD 14-15

15. CONCLUSION 15

5
INTRODUCTION
The National Cyber Security Policy is a policy framework developed by the
Department of Electronics and Information Technology that aims to protect public and
private infrastructure from cyber attacks. The Policy also intends to protect
"information, such as personal information (of web users), financial and banking
information, and sovereign data of the country." The Ministry of Communications and
Information Technology, Government of India, defines the objectives of the National
Cyber Security Policy as creating a secure cyber ecosystem in the country, generating
adequate trust and confidence in I.T. systems and transactions in cyberspace, and thus
increasing the adoption of I.T. in all sectors of the economy.

BACKGROUND AND SCOPE

Cybersecurity has been recognized by Indian decision makers as a key foreign policy
and security priority. However, at this stage, there has been no clear public articulation
of any intention by India to conduct international cyber operations. There is no publicly
known overarching declaratory doctrine, policy or legislative framework that captures
India’s strategic interests, ambitions and restraints in this arena. However, the cyber
institutional machinery and policy landscape are evolving rapidly, with several new
institutions set up in the last decade and several policies in the nascent stages of
development or due to be released soon, including notably the National Cyber Security
Strategy. Further, public statements by public officials on India’s cyber doctrine and
operations could serve as evidence of intent to conduct international cyber operations.
Therefore, at this stage, India’s present capabilities and strategy can be inferred from
an informed analysis of existing State practice and institutional architecture and a
combined reading of existing laws and policies.

For the purpose of this paper, “international cyber operation” refers to the use of cyber
capabilities with the intention of advancing the defensive or offensive strategic
objectives of a country or to project power in and through foreign cyberspace by
“[compromising] the confidentiality, integrity, or availability of an adversary’s
information technology systems or networks; devices controlled by these systems or
networks; or information resident in or passing through these systems or networks”.

INDIA’S CYBERSECURITY POLICY

India’s National Cyber Security Policy aims to develop bilateral and multilateral cyber
security relationships through capacity-building support in this field. India’s cyber

6
diplomacy places strong emphasis on upgrading skills and capacity; exchange and
sharing of information and providing partner countries with access to technology for
their national development.

Its main priorities include fostering strategic engagement with key partners and
international organizations for enabling capabilities to respond to cyberattacks; and to
jointly collaborate with partner countries to guarantee international security and a
safe, secure cyberspace.

The Indian government aims to create and develop solid safeguards through dynamic
policies to enhance the protection of India’s cyber ecosystem. India has borne the brunt
of several cross-border cyber-attacks in the recent past – a direct threat to India’s
internal security. International collaboration is one way of securing cyberspace.

The government’s Cyber Surakshit Bharat Initiative aims to raise domestic awareness
about cyber crimes and create safety measures. It also seeks to focus on “skill
development and training” in the next 4 to 5 years, for the creation of a talent pool of
500,000 IT professionals, having specialized knowledge and expertise in cyber security
aspects. The public, telecom companies and other stakeholders are constantly notified of
the need to use IT-enabled products from trusted sources only.

Agencies like the Defence Cyber Agency (DCyA) and the Indian Computer Emergency
Response Team (CERT-In) have set up response systems to counter cyber threats,
besides identifying vulnerable sectors in the country’s cyberspace. These and other allied
agencies are also responsible for the Protection of Critical Infrastructure, conducting
round-the-clock surveillance, and installing data encryption and data recovery systems
to safeguard against cyber-hacks.

WHAT IS CYBER SECURITY?

Cyber security is the activity of protecting computers, servers, mobile devices, electronic
systems, networks, and data against hostile assaults. It is the technique of guarding
against digital assaults on systems, networks, and programmes. With an expanding
number of people, devices, and programmes in the contemporary organization, as well
as an increasing deluge of data, cybersecurity is becoming increasingly important.

NATIONAL CYBER SECURITY POLICY 2013

o The Government of India issued the National Cyber Security Policy (NCSP) in
2013, which included many tactics for countering cyber security threats.

7
 o The purpose of this Policy is to provide individuals, companies, and the
Government with a secure and dependable cyberspace. It also strives to monitor,
protect, and enhance cybersecurity defences.

o Through a mix of institutional structures, procedures, technology, and

collaboration, this Policy intends to secure the information infrastructure in
cyberspace, decrease vulnerabilities, create capacities to avoid and respond to
cyber attacks, and limit damage from cyber events.

The Vision of National Cyber Security Policy 2013

To build secure and resilient cyberspace for citizens, businesses and the
Government.

The mission of National Cyber Security Policy 2013

To protect information and information infrastructure in cyberspace, build
capabilities to prevent and respond to cyber threats, reduce vulnerabilities and
minimize damage from cyber incidents through a combination of institutional
structures, people, processes, technology and cooperation.

NEED FOR A NATIONAL CYBER SECURITY STRATEGY

o India’s society is increasingly reliant on digital technology for communication,
banking, and other areas of daily life. The use of social media and digital
payments has increased significantly.

o In 2022, ransomware occurrences increased by 51%, according to the Indian

Computer Emergency Response Team (CERT-In).

o Cybercrime against individuals and institutions is on the rise. Rogue elements

and criminal syndicates have become more adept in their local and international
hacking operations and targeted phishing attempts.

o In light of increasing geopolitical dynamics in South Asia and the Indo-Pacific,

cyber-attacks by India’s rivals have increased. State and non-state actors have
launched attacks against India’s nuclear infrastructure, electricity systems,
telecom equipment ecosystems, and financial systems.

8
 o After Galway, China already attacked India’s energy network and attempted to
enter the National Security Adviser in 2010. These attempts have had a
profound influence on India’s view of national security.

OBJECTIVES OF NATIONAL CYBER SECURITY POLICY

Here are some major cyber security objectives of the National Cyber Security
Policy

o To build a safe cyber environment in the country, develop appropriate trust and
confidence in I.T. systems and cyberspace transactions, and so increase I.T.
adoption in all sectors of the economy.

o To provide information protection when in process, processing, storage, and

transport to preserve citizen data privacy and reduce economic losses due to
cybercrime or data theft.

o To improve law enforcement skills and allow successful cybercrime prevention,

investigation, and conviction by appropriate legislative action.

o To raise awareness of the integrity of I.C.T. goods and services by developing

infrastructure for testing and validating their security.

o To give firms financial incentives for adopting standard security procedures

and processes.

o Through a successful communication and promotion approach, a culture of cyber

security and privacy will be established, allowing responsible user behaviour and
activities.

o To meet national security needs by developing appropriate indigenous security

technologies through frontier technology research, solution-oriented research,
and commercialization.

o To provide an assurance framework for the establishment of security policies, as

well as to promote and enable activities for conformance to global security
standards and best practices through conformity assessment.

o To fortify the regulatory framework to ensure a secure cyberspace ecology.

9
 GLOBAL IMPLICATIONS
Data protection and data privacy are critical issues in international relations, more so
given the rapid expansion of cyber-space, the proliferation of global cyber activity
across geographical boundaries, and the ever-increasing number of multinational
technology companies.

Hostile hackers, spammers, and cybercriminals, who are a serious threat globally, have
upped the ante, by resorting to cyber-attacks, ransomware attacks, identity theft, and
data breaches – acts that cripple critical systems and cause heavy financial losses. Many
other aspects of cyber fraud like money laundering and terrorist financing, seriously
impact international banking, financial services and corporate business deals.

Mercenary elements in the form of Cyber hackers often operate with impunity under the
guise of nation-states, posing serious risks to global security. Economically weaker and
lower-middle-income countries are more susceptible to cyber-intrusions which could
potentially have disastrous consequences for their weak fledgling economies.

Given the sheer magnitude and global spread of such cyber-attacks, it is difficult to
precisely measure their disastrous impact. Yet there are estimations that cybercrime
around the world amounts to trillions of dollars in losses annually to the global
economy.

Fortunately, in recent times, there is growing recognition of the need to tackle this
menace head-on. Governments around the world now invest more time, resources and
funds in upgrading cyber-security systems and building safeguards to reduce the risks.
Emphasis is laid on the protection of Intellectual property and combating security
threats like financial frauds emanating from foreign lands. New technologies are being
leveraged to augment global security and protection of national assets by improving
defences against cyber threats.

INTERNATIONAL LAW AND CYBERSECURITY

International law has evolved and adapted to threats in cyberspace. Provisions and
safeguards have been devised to strengthen cybersecurity and to contain or minimize
the impact of cyber warfare. Sovereignty and Non-Intervention are the guiding
principles for framing legal provisions on cyberspace activities. It also covers aspects of
preventing data breaches and identity theft by protecting sensitive information from
hackers, cybercriminals, and other hostile actors.

10
The biggest challenge facing cyber security diplomacy is the lack of uniform laws and
clear-cut legal guidelines on data protection in different countries around the world.
Questions get raised about the legitimacy, legality and jurisdiction of any potential
measures envisaged under a common international cyber law.

While countries like the United States, Australia and The Netherlands rank high on
the Global Cybersecurity Index (GCI), India figures very low in the pecking order.
India lags primarily due to a dearth of critical infrastructure, under-achievement and
gaps in adopting the “Digital Economy” and lack of robust, enforceable government
regulations on cybersecurity.

The 2001 Budapest Convention on Cybercrime is a criminal justice treaty that aims to
help countries investigate and prosecute cybercrime while providing a framework for
international cooperation between police and judicial systems on issues of Copyright
infringement, Computer-related fraud, Online Child pornography, and Network
security violations. It attempts to harmonize national laws through international
cooperation.

INDIA’S MULTILATERAL ROLE

At the UN platform, India has advocated for global cooperation on
cybersecurity, for harmonizing regulations, best practices, and
benchmarks. India has participated in UN initiatives related to
cybersecurity, including a 2022 meeting to discuss ransomware where
India also chaired a working group on cyber-resilience. During India’s G20
Presidency, the grouping recognized cyber security as a critical component of the digital
economy.

India has also been part of the Quad cybersecurity partnership and has supported
initiatives on Secure Software, Cybersecurity of Critical Infrastructure, Supply Chain
Resilience and Security.

Earlier this year, SIA India entered a collaborative partnership with ISAC – an
international cybersecurity foundation.

11
MAIN COMPONENTS OF THE NATIONAL CYBER
SECURITY STRATEGY
National cybersecurity strategies (NCSSs) are the primary documents used by
national governments to establish strategic directives, goals, and specific actions
to reduce cybersecurity risk. This section describes the Main Components of the
National Cyber Security Strategy for a deeper understanding of cyber security
strategy

Strengthening the Regulatory Framework

o To require frequent audits and evaluations of the sufficiency and effectiveness of
information infrastructure security by the regulatory framework.

o To empower, educate, and increase public understanding of the regulatory

system.

Promotion of Research & Development in cyber security

o Encourage R&D to generate cost-effective, tailor-made indigenous security
solutions that address a broader variety of cyber security concerns, with an eye
toward export markets.

o To assist the transfer, dissemination, and commercialization of R&D outputs

into commercial goods and services for use in the public and private sectors.

Securing E-Governance services

o To promote the use of Public Key Infrastructure (PKI) for trustworthy
communication and transactions throughout the Government.

o To hire information security specialists to help with e-Government projects and

to assure compliance with security best practices.

Encouraging Open Standards

o To promote the adoption of open standards to improve interoperability and data
sharing among various goods or services.

o To encourage the formation of a public-private partnership to increase the

availability of tested and certified I.T. solutions based on open standards.

Creating an assurance framework

12
 o Identify and categorize information infrastructure facilities and assets at the
entity level in terms of risk perception to implement appropriate security
protection measures.

o To promote secure application procedures that adhere to global best standards.

Creating a secure cyber ecosystem

o To guarantee that all firms set up a designated budget for developing cyber
security programmes and responding to cyber events.

o To offer fiscal schemes and incentives to incentivize entities to establish,

enhance, and update cybersecurity-related information infrastructure.

CONCERNS ASSOCIATED WITH NATIONAL CYBER

SECURITY POLICY 2013
Here are some major concerns Associated with National Cyber Security Policy;

o India’s cyber security responses to attacks have been reacted to in a reactive and
fragmented manner. Delays have serious consequences for India’s digital
revolution, diplomatic efforts, and domestic privacy.

o Within a trust-based ecosystem, coordination between government agencies and

the private sector does not work.

o While India’s cyber security activities have primarily been defensive, the
Government has also established capabilities for aggressive endeavours. There
are already ways for both defensive and aggressive cyber reactions.

o According to statistics, China is responsible for one-third of all global cyber-

attacks. They are now developing technology that will allow them to connect to
the internet via satellite channels.

o WhatsApp sued Israeli surveillance firm N.S.O. Group, saying that the business
enabled clients to use malware to get access to the phones of over 1,400
customers, including those in India. Journalists and political opponents were
among those targeted by the hack.

o Pakistan is employing APT 36 to attack Indian firms. In reality, there is a

hacking gang known as LAZARUS that is widely recognized for carrying out

13
 financially targeted assaults in India, Bangladesh, and other South Asian
nations.

CYBER SECURITY POLICY IN INDIA’S DIGITAL

LANDSCAPE
o Cyberattacks on India’s digital environment have increased in scale and
sophistication in recent months, targeting sensitive personal and commercial
data as well as essential information infrastructure, harming the economy and
national security.

o The modifications to the Information Technology Rules 2021 must also be

authorized for users and intermediaries to comply.

o The Indian Government issued a National Cyber Security Policy (NCSP) in

2013, outlining a variety of tactics for combating cyber-attacks. There has been
no policy implementation over the past eight years.

o Furthermore, the National Security Coordinator should be subjected to frequent

network cyber audits by government authorities. When implemented as part of a
national Cyber Security Policy, these procedures will enable improved
cybersecurity management and implementation.

o Through its upcoming National Cyber Security Policy, India has the potential
to integrate its domestic Policy with its global goals.

THE WAY FORWARD

Cybercrimes have a debilitating effect on a nation’s economy and the society at
large. We need to do our utmost to keep ourselves and the world safe from the
predatory acts of both state and non-state actors in Cyber-space. International
efforts need to focus on building a stable and secure domain for global Internet
and cyberspace activities while guaranteeing the Rule of Law and the protection
of democratic, fundamental and human rights of citizens across borders.Policies
on Cyberspace-related issues have cross-border and global implications, which
make it incumbent on member states to actively maintain mutual coordination,
collaboration and engagement.The global community must collectively ensure
the security of critical infrastructure and protect essential services like hospitals,
energy grids, manufacturing facilities, transport logistics, airlines and railways
from cyber-attacks. Governments must come together to establish uniform cyber

14
 norms encourage ethical conduct of cyber activities, and collaborate in resolving
crises triggered by hostile cyber acts. The last word on CS must be left to the
renowned cyber expert James Scott who once said – “There’s no silver
bullet with cybersecurity; a layered defence is the only viable
option.”

CONCLUSION
The Government is concerned about increasing cyber risks and vulnerabilities as
India’s population and government services become more online. This fear
prompted numerous ministries to take action. However, India’s cyber security
system has a long way to go. While India’s primary reaction to cyberattacks has
been to conduct audits and strengthen network security, a national Cyber
Security Policy might establish a more comprehensive framework that can be
used consistently across the country. Launching an updated and comprehensive
national Cyber Security Policy is critical.

15