Prime Minister Narendra Modi, in his speech on India’s 74th Independence Day, announced that India will soon have a new cybersecurity policy. The announcement came against the backdrop of increasing cyber-attacks.

“Cybersecurity is a very important aspect, which cannot be ignored. The government is alert on this and is working on a new, robust policy,”- Narendra Modi

Such threat emanating from cyber space has the potential to impact India’s society, economy and development, the prime minister added.

Why is it the need of the hour?

Primary reason is the rise in cyberattacks, especially after the government imposed lockdown on March 20^th due to the outbreak of Covid-19.

India has seen a 37 per cent increase in cyberattacks in the first quarter (Q1) of 2020, as compared to the fourth quarter (Q4) of last year as per the latest Kaspersky Security Network (KSN) report.

The data also shows that India now ranks 27th globally in the number of web-threats detected by the company in Q1 2020 as compared to when it ranked on the 32nd position globally in Q4 2019.

Another reason is that India has one of the highest users of cyberspace and thus cybersecurity is a national concern, especially due to the increasing use of digital payments and mobile wallets by Indians. With the availability of affordable data packs and falling smartphone prices, Indians are consuming more services on the Internet. Further, the use of digital payments/mobile wallets is on the rise, thanks to Government’s Digital India movement. This coupled with the population of the country, makes it one of the lucrative targets for cyber attackers.

Thus, there is a need of a comprehensive cybersecurity policy at a national level to enable protection of information, safeguard citizen’s data, and work on cracking down on misinformation being spread.

Should the corporate India relax?

No! While corporate India keenly awaits the new cybersecurity policy, they should not relax. Cybersecurity is a matter of concern for both the government as well as the organizations. Cyberattacks and data breaches are potentially costly. Further, employees are often the weak links in an organization’s security. Thus, it is imperative for every organization to have a robust cybersecurity policy in place that explains each stakeholder responsibilities for protecting IT systems and data. The policy must explain the rules for how employees, consultants, partners, board members, and other users who access various applications and internet resources and send data over network.

5 key components of a robust cybersecurity policy:

1. Who gets access to what
2. Rules for using social media
3. Guidelines for password management
4. Directions for accessing applications/devices remotely
5. What’s the penalty in case of failure to adhere

In a nutshell, a comprehensive cybersecurity policy at a national level is a good move as it will provide the legal teeth to organizations to fight the cyber-attackers. However, it is also necessary for corporate India to implement a robust policy at organization level to ensure cybersecurity and prevent cyber-attacks.