Saturday, November 24, 2012

Cyber Security Capabilities Of India Must Be Strengthened

This Article was originally published on 9th February 2012. However, due to DELIBERATE NEGATIVE TACTICS ADOPTED BY GOOGLE, this article was removed by Google despite clear indications that we are the copyright holders and source of original contribution.

Google is engaging in unethical and illegal behavior simply to favour few and working in derogation of others. For complete list of Google’s censorship and negative tactics, kindly visit Websites, Blogs And News Censorship By Google And India.  

Maintaining cyber security at the international level is a tedious task. This is so because cyberspace does not recognises any boundary and cyber attacks can be launched from any part of the world. While cyber attacks upon various computer systems and computer resources are cause of concern yet cyber attacks upon critical infrastructures is of grave concern.

Cyber security in India is at initial stage. Even the information technology act, 2000 (IT Act 2000), which is the sole cyber law of India, does not address the cyber crimes and cyber security issues effectively. We have no dedicated cyber security laws in India and we urgently need a dedicated cyber security legal framework in India.

Meanwhile, India is increasingly facing cyber attacks and cyber threats from foreign nationals. In fact, the cyber laws and cyber security trends of India 2011 by Perry4Law and Perry4Law Techno Legal Base (PTLB) has clearly showed the cyber security vulnerabilities of India. Cyber terrorism against India, cyber warfare against India, cyber espionage against India and cyber attacks against India have already increased a lot. Even the cyber law trends of India 2012 by PTLB have also projected an increased rate of cyber crimes in India and cyber attacks against India in the year 2012.

The biggest cyber threat against India is originating in the form of cyber attacks upon Indian critical infrastructures. Critical infrastructure protection in India requires a well formulated policy. Presently we have no critical infrastructure protection policy of India. Further, critical ICT infrastructure protection in India is one area that requires special attention of Indian government.

Fortunately, Indian government has decided to streamline cyber security of India. The Indian government is in the process of finalising an elaborate plan to strengthen India's cyber security capabilities. A national critical information infrastructure protection centre (NCIPC) of India has also been proposed by Indian government. It intends to ensure critical infrastructure protection and critical ICT infrastructure protection in India.

There are few prerequisites that can make the NCIPC of India successful. Firstly, there must be a centralised ICT command centre of India that can coordinate various cyber security issues. Secondly, specialised agencies and authorities must be constituted for critical infrastructure areas like power, telecom, defense, aviation, etc. These agencies and authorities must coordinate with the centralised command centre for cyber security related issues.

Ministry of communication and information technology (MCIT) has already taken certain initiatives in this regard. For instance, a central monitoring system (CMS) project of India has been launched by MCIT to monitor and intercept electronic communications, messages and information. Further, a national telecom network security coordination board (NTNSCB) of India has also been proposed to strengthen the national telecom security of India.

Now Indian government is planning to step up cyber security protection levels, putting in place real time command-and-control centers and delineating responsibilities among various agencies.

Among the proposals are establishment of dedicated command-and-control centers in India to monitor critical infrastructure in real time, constituting computer emergency response teams (CERTs) for key sectors such as power, aviations, etc and formulation of elaborate protocols for all stakeholders involved in the process of ensuring cyber security in India.

The Cabinet Committee on Security (CS) may approve in a few weeks the multi-layered security plans to protect India's critical infrastructure. The national security advisor (NSA) and the cabinet secretary are working on the final plan.

There would be a clear demarcation of responsibilities between Computer Emergency Response Team-India (CERT-In), National Technical Research Organisation (NTRO), Intelligence Bureau (IB), Military Intelligence (MI) and other agencies that have a role in fighting cyber intrusions. Protocols would be formulated to ensure that there is no overlap between the functions and obligations of various agencies fighting cyber attacks against India. The proposed protocol will also cover department of telecom, department of information technology, National Informatics Centre etc.

Under the proposal, the government will also regularly and proactively monitor and scan critical networks. Not just that, the levels of security for these networks will also be stepped up. CERT-In may also be creating its own real time monitoring centre to strengthen it cyber security initiatives. The responsibility for monitoring critical infrastructure will be divided between NCIPC and CERT-In. The government will also set up dedicated CERT for critical sectors such as power, aviation etc where no such national monitoring mechanism exists.

This is a good step in the right direction and Perry4law and PTLB welcome this move. We also hope that with this the cyber security capabilities of India would be upgraded to the required levels.

Tuesday, November 6, 2012

Cloud Computing Due Diligence In India

Cloud computing around the world is thriving in recognition, but the legal control of this technology is still catching up to its requirements. Nowhere is that more true than in India, where the legal framework for regulation of the cloud computing business needs urgent formulation.

Any business that wants to explore cloud computing must know exactly what is legal and what is not. That’s where we play the decisive role. At Perry4Law, we have been managing cloud computing due diligence and make sure that you are in full compliance with the law before you offer cloud computing to your clients.

The Information Technology Act of 2000 laid the groundwork for due diligence requirements for businesses and stakeholders in the IT industry.  Many of the provisions of the act are relatively stringent, and companies that jump too quickly into cloud computing can find themselves in a jungle of legal issues if they do not perform careful due diligence.

Thus, cyber law due diligence in India cannot be ignored by cloud computing services providers of India. At Perry4Law we have been managing the cyber due diligence for Indian companies on multiple aspects.

One area in particular that has caused headaches for IT companies is privacy. More and more frequent civil proceedings are being initiated as individuals and businesses believe that their privacy rights have been violated, and as cloud computing grows, the potential for even more lawsuits has increased.

We can help your enterprise to navigate the legal framework that currently regulates cloud computing, and also assist you in establishing a best practices model that ensures a rock-solid cloud computing policy for all of your stakeholders.

At Perry4Law, we have our feet on the ground and our head in the clouds–the new practice of cloud computing that is. We can help you to successfully enter this rapidly growing area of technology and make large profits while staying on the right side of the law if you make a request in this regard.

We have also been helping various clients with dispute resolution, competitive intelligence, and recovery of assets to corporations, governments and to private clients, due diligence for Indian companies, providing unrivaled services in India market entry, corporate legal services, intellectual property protection, disputes resolutions, mergers, acquisitions and recovery actions, cyber forensics, cyber security, e-discovery services, etc.

Friday, November 2, 2012

Cyber Security Challenges Of India

The glaring cyber security problems and challenges of India are no more hidden and ignored. Serious cyber security attacks are affecting the critical infrastructure of India. Banks, power infrastructures, satellites, etc are vulnerable to cyber attacks from around the globe.

The national imperatives of securing operational technologies like smart grids, oil and gas, public utilities, etc are too essential to be ignored by Indian government. Today protecting key economic assets like securing financial backbone and stock exchange, payment infrastructures and financial switches is need of the hour. This includes architecting security for new age banking to make them cyber secure. Cyber security of banks in India is still deficient.

The business community must also keep in mind the cyber law due diligence requirements in India. Cyber due diligence for Indian companies is now a statutory obligation and failure to observe cyber due diligence can bring serious legal ramifications. Ensuring business models, technology transformations and channel revolutions in the midst of organised, focused, advanced and persistent cyber threats is not an easy task.

With the growth of enterprise mobility, mobile applications and cloud enablement data driven businesses, techno legal issues have become more prominent. Social networking platforms have further complicated the scenario.
The Internet is truly global in nature and regional and national regulations and efforts cannot bring the desired results. Cyber law and cyber security issues are global in nature. Indian response to international cyber law treaty is not pro active. International cyber law treaty is required to be formulated as soon as possible.

Similarly, cyber security framework must ensure both national responsibility and global accountability. Any cyber diplomacy must congregate both national and international interests to be effective and enforceable. Thus, an international cyber security treaty is required to be formulated as well.

With a growing focus upon electronic delivery (e-delivery) of services in India additional responsibilities of securing technology transformation of governance must be ensured. The e-governance projects of India would bring cyber security challenges for which we need readymade solutions.
Similarly, cyber security enablement of growing electronic and mobile commerce would also be required. With the projected increase in volume and growth of commerce and e-commerce in India, cyber security as enabler must be ensured.

The management of consumer rights and business responsibilities in the information age is not an easy task. For instance, the present telemarketing policy of India is anti consumer. Similarly, the telecom dispute resolution process in India is also anti consumer.

The future of cyber security in India is tough to manage. The sooner we start working in this direction on ground level and actual basis the better it would be for the larger interest of India.

Thursday, November 1, 2012

Cyber Law Firms In India

Cyber law firms in New Delhi India are not easy to find. This is because there are only handfuls of cyber law firms in India. Cyber law is essentially a techno legal field that requires a thorough knowledge of both technical and legal aspects.

Cyber law is a complicated subject that requires tremendous expertise to manage. There are very few cyber law firms in New Delhi India and Perry4Law is proud to be one of them. Further, Perry4Law is the exclusive techno legal ICT law firm of India and is the exclusive techno legal cyber law firm of India.

The cyber law expertise of Perry4Law is supported by Perry4Law’s Techno Legal Base (PTLB) that is the leading techno legal platform of the world. PTLB is also managing the exclusive techno legal cyber crime investigation centre of India (CCICI) that is assisting in investigation and solving of cyber crimes in India.

PTLB is also resolving India’s glaring cyber security challenges and strengthening the cyber security environment of India through it exclusive techno legal cyber security research and development centre of India (CSRDCI). Further, the national cyber security database of India (NCSDI) is also a cyber security initiative of PTLB.

As a techno legal ICT law firm we are trying to give cyber law of India a new shape. Further, one area that has recently interested the legal community pertains to cyber security. Although cyber security as a legal field has started gaining attention of foreign lawyers and law firms yet cyber security law firms in India or cyber security lawyers in India are still missing.

If you are interested in our cyber law, cyber security, cyber forensics, e-discovery, e-commerce, intellectual property rights (IPRs), corporate laws, LPO and KPO, e-courts, online dispute resolution (ODR), cyber skills development, cyber law trainings and other techno legal services, you may contact us in this regard.