Current Act outdated, need to include cyber security in IT legal framework: DCA chief

Sushant Kulkarni
"As we speak about strengthening the legislative framework, the IT Act does not talk much about cyber security because, made in 2008, it is already outdated in my opinion, said Rear Admiral Mohit Gupta

Rear Admiral Mohit Gupta, head of India s newly-formed Defence Cyber Agency (DCA), has pressed for the incorporation of cyber security aspects in the country s outdated Information Technology Act and sought allocation of a dedicated chunk of the IT budget for securing cyberspace.

Rear Admiral Gupta was appointed in May as the first head of the DCA, a tri-service command of the Indian armed forces. He made the remarks while speaking at the Capsule on Science Technology and Applied Research, organised for senior officers of the three armed forces, at the Military Institute of Technology.

Delivering the keynote address on the second day of the Capsule, which is focusing on cyber security, Rear Admiral Gupta said, As a disclaimer, I would like to say that India still does not have a cyber security strategy. We made some beginnings with the Information Technology Act in 2000, which was amended in 2008, and subsequently the National Cyber Security Policy was framed in 2013. There is an exercise underway to prepare the National Cyber Security Strategy, which is to be released in 2020.

He added, As we speak about strengthening the legislative framework, the IT Act does not talk much about cyber security because, made in 2008, it is already outdated in my opinion. There is a serious need to modify the IT Act. There are certain countries in the world which have a separate Cyber Security Act and some have cyber security embedded in the IT Act. Legal experts can take a call on that.

Rear Admiral Gupta, who is originally a submariner, laid out a wish list for the cyber security strategy currently being framed, We will have to make cyber security a national mission, it can t be limited to organisations. There will have to be mass awareness campaigns and it has to be part of our school curriculum. We will have to nurture a cyber workforce. We will have to have mechanisms to guard social media space against fake news and anti-social activities. Further, the way we project our soft power to the world has changed… we will have to focus on resilience building and look at indigenisation and innovation, which will lead to digital strategic autonomy.

He added, For all these efforts, a dedicated budget is very important. Possibly, the government should start saying that 10 per cent of the IT budget should be dedicated to cyber security, or they can say that if a private organisation spends a fixed chunk on cyber security, they will get tax benefits.

Speaking about what he termed the threat landscape in cyberspace, Rear Admiral Gupta said, One important aspect is social engineering, like how the minds of the people were manipulated in the 2016 US

presidential elections or 2018 Senate elections, and we see this happening more and more. There is a social media war going on between India and Pakistan at the moment.

Elaborating on the country s Cyber Security Strategy, which is in the pipeline, Rear Admiral Gupta said, National Cyber Security Coordinator, General Pant, has already announced that a cyber security strategy for the nation is under preparation. Unlike the policy of 2013, which was released by a ministry, this strategy will be released by the PMO. And from this strategy, key tenets will flow as directions to the ministries, various organisations of the government and private industry. This will be tabled to the Cabinet Committee on Security by the end of this year and by January 2020, we will have a strategy in place, with a tenure of five years.