Showing posts with label CYBER SECURITY IN INDIA. Show all posts
Showing posts with label CYBER SECURITY IN INDIA. Show all posts

Thursday, February 9, 2012

Cyber Security Laws In India

With the growing incidences of cyber attacks against India, cyber security in India has got the attention of Indian government. Cyber security in India is not satisfactory. Whether it is legal framework or practical implementation, cyber security of India is still lagging far behind that other nations.

We have no dedicated cyber security laws in India and we urgently need a dedicated cyber security legal framework in India. Further, cyber security capabilities of India must be strengthened so that cyber attacks against India’s critical infrastructures can be prevented.

The cyber laws and cyber security trends of India 2011 by Perry4Law and Perry4Law Techno Legal Base (PTLB) has clearly showed the cyber security vulnerabilities of India. Cyber terrorism against India, cyber warfare against India, cyber espionage against India and cyber attacks against India have already increased a lot. Even the cyber law trends of India 2012 by PTLB have also projected an increased rate of cyber crimes in India and cyber attacks against India in the year 2012.

Cyber security laws in India have not been formulated because there is very low cyber law and cyber security awareness in India. As a result we have very few cyber law firms in India and cyber security law firms in India.

Further, cyber security research, training and education in India are also not fully developed. PTLB is managing the exclusive techno legal cyber security centre of India. In the absence of qualitative educational institutes in India, cyber security courses in India are still maturing. Further, cyber security skills development in India is greatly affected in the absence of practical techno legal trainings in this crucial field.

Indian government has now shown some positive response for strengthening cyber security in India. A national critical information infrastructure protection centre (NCIPC) of India has also been proposed by Indian government. This is appositive development and Perry4Law and PTLB welcome this effort of Indian government.

Thursday, February 2, 2012

New National Telecom Network Security Policy Of India

Recently a body named National Telecom Network Security Coordination Board (NTNSCB) of India has been proposed to be constituted by Indian government. The aim of establishment of NTNSCB is to ensure cyber security and telecom network security in India in a centralised manner.

The establishment of proposed NTNSCB would require formulation of telecom security policy in India and telecom equipments security framework in India at the first instance. There is no local or indigenous mechanism in India through which telecom hardware and software can be analysed for backdoors and malware.

However, Indian government has declared in the past that telecom equipments must be certified by TEC before use in India. A proposal to store call data records has also been given. The norms for import of telecom equipments in India would also be formulated very soon. Similarly, a telecom security policy of India may also be drafted.

Now as per recent media reports, telecom operators, equipment vendors, enterprise communication network users will all be made responsible for securing telecom networks under a new telecom network security policy of India. It has been reported that the policy would be drafted by the Department of Telecom (DoT) and it also intends to make network robust so that they can deal with disasters and crisis situations.

Under the proposed telecom network security policy, all telecom network equipments will have to get a “safe to connect certification” before they can be used in India. The certification will have to be done through a testing laboratory. Periodic test of the telecom networks will be carried out to ensure that no threat has crept into the network.

The proposed telecom network security also wants corporates using global enterprise communication networks to ensure that the network within the country complies with the security requirements. It is possible that network of these enterprises are subjected to laws of different countries, which may not be the same. Therefore, enterprises would have to adopt a little flexible approach in building their network security policies in such a way that part of the network in the geographical boundary of the country follows the security requirements mandated by this policy.

The policy also suggests setting up a centralised institution to address network and cyber security issues. Presently, the central monitoring system (CMS) project of India is one such centralised mechanism that DoT is planning to launch. A national cyber security policy of India may strengthen this initiative of DoT.

Sunday, January 1, 2012

Cyber Law Of India Should Be Reformed

Technological issues when collaborated with legal framework bring complex situations. It is very difficult to provide a legal framework for technological issues. India is also trying to grapple with this problem. Although cyber law in India has been enacted in the form of information technology act 2000 (IT Act 2000) yet it has remained archaic and non performer. The cyber law trends in India 2011 proved this point.

Cyber law of India needs to be rejuvenated. The emphasis must be to develop and protect Indian cyberspace rather than considering as a threat to be tackled through Internet censorship, websites blocking, e-surveillance, phone tapping and similar anti civil liberties protection in cyberspace.

Similarly stress should be given to cyber security of India through cyber security due diligence and mandatory obligations. The cyber security trends in India 2011 have proved that various stakeholders in India are not paying enough attention to cyber security. This is more so regarding banks in India that are not following the cyber security guidelines of Reserve Bank of India (RBI).

Perry4Law and Perry4Law Techno Legal Base (PTLB) believe that a major reason for poor performance on Indian cyber law and cyber security is that we have mixed all the aspects in a single law. For instance, although IT Act 2000 covers issues like cyber law, cyber security, cyber forensics, encryption, e-governance, e-commerce, cyber terrorism, etc yet the same are covered by a single section or more. This way none of them are individually effective.

We must have a separate and dedicated law for each of these issues that seem to have been dumped into a single law making it ineffective and useless for those issues. Further, the information technology amendment act 2008 (IT Act 2008 amendments) have further complicated the issue. By making almost all the cyber crimes “bailable”, Indian government has created a big nuisance for itself.

Perry4Law and PTLB hope that the year 2012 would bring major relief in this regard. Law making is a lengthy and tedious process and the sooner it is started the better it would be for the larger interest of India.

Monday, November 21, 2011

Are Indian Satellites Safe From Cyber Attacks?

Cyber attacks and cyber espionage by one nation against another are very common these days. Though nations are attacking one another through cyber intrusions yet none of them come forward to accept the same. Whether we like it or not but cyber attacks and cyber espionage would continue to be used by various nations against each other.

This process is a part of traditional strategic information gathering by defence forces, intelligence agencies, etc. For instance, the systems and techniques capable of destroying an adversary’s satellites have been a major focus of arm race in outer space. With the active use of Internet, the same process has taken a shape of cyber espionage and cyber attacks.

Naturally, we must focus upon a robust and effective cyber security in India. For instance, Indian preventive and offensive capabilities against cyber warfare must be developed to ward off growing incidences of cyber espionage and cyber attacks against India.

Indian critical infrastructure if frequently targeted by cyber attacks. Malware like Stuxnet and Duqu are increasingly found in the computers managing the critical infrastructure of India. In fact some believe that Stuxnet was also responsible for the destruction of an Indian broadcasting satellite. Cyber security of Indian satellites is a natural choice in these circumstances.

The Indian government must deliberate upon cyber threats like cyber espionage and cyber warfare that are increasingly targeting strategic computers and facilities. With growing interest in cyber security, this may be achieved within few years in India.

Friday, November 18, 2011

National Cyber Security Policy of India Is Needed

Cyber security policy and strategy is an important aspect of national security. Till now we have no national security policy of India. There is no second opinion about the fact that national security policy of India is required and the sooner it is drafted and implemented the better it would be for India.

In fact, national security of India is affected by turf war that is putting the entire national security at risk. For instance, Indian nuclear facilities may not be cyber secure. Indian websites are occasionally defaced.

Crucial computers at strategic government departments and defense forces are frequently compromised. The servers of national informatics centre (NIC) of India were recently hacked. This puts the entire governmental web infrastructure at risk.

A sound national security policy must have many essential and important aspects incorporated into it. One such essential component is cyber security policy and strategy of India. Till now we have no implementable national cyber security policy of India.

India’s national cyber security policy must be suitable formulated and immediately implemented. Further, Indian counter terrorism capabilities needs rejuvenation to deal with traditional terrorism and cyber terrorism. Indian banks are also not very good at cyber security and they are not willing to upgrade their cyber security despite the mandatory recommendations by Reserve Bank of India (RBI).

At the international level efforts have been streamlined to strengthen cyber security and global cyber security cooperation. Recently NATO requested cyber security cooperation from India.

Even at the individual level countries are strengthening their offensive and defensive cyber capabilities. In United States, the DARPA is developing offensive and preventive cyber capabilities. Indian defense and security against cyber warfare must also be developed.

It is high time for India to develop cyber offensive and defensive capabilities so that it can manage cyber threats like cyber terrorism, cyber warfare, cyber espionage, etc in a timely and effective manner.

Wednesday, October 5, 2011

Cyber Warfare Against India

Cyber warfare is a concept that is still haunting the international community. The situation is so serious that north atlantic treaty organisation (NATO) has sought stronger cooperation with India to counter growing cyber threats.

Cyber warfare is still a murky area as different countries deal with cyber attacks and cyber warfare attacks differently. While countries like US are considering it as an act of aggression on the footing of war yet other countries are taking divergent views. However, all countries are willing to use every possible cyber capabilities as preventive and curative cyber methods.

Till United Nations (UN) steps in and enacts “universally acceptable” international cyber law treaty and international cyber security treaty, this problem would remain murky and difficult to resolve. Further, nothing can benefit more than an international cyber security cooperation that is urgently required.

The incidences of cyber attacks, cyber terrorism, cyber espionage, cyber warfare, etc are increasing against India. However, in the absence of India’s national cyber security policy, cyber security in India is a neglected field. We must urgently develop cyber warfare capabilities in India to thwart growing cyber attacks against India. Further, we must also formulate a cyber warfare policy in India that is presently missing.

Cyber warfare is also the reason why we need to ensure critical infrastructure protection in India and critical ICT infrastructure protection in India. In fact the growing cyber attacks are affecting Indian critical infrastructure. Thus, cyber security capabilities through techno legal cyber security trainings in India must be strengthened. We must stress upon cyber security skills development in India.

The situation is equivalent to a wake up call and Indian government must take urgent steps to strengthen Indian cyber security. The sooner it is adopted the better it would be for a safe and secure cyberspace of India.

Tuesday, September 27, 2011

National Cyber Security Policy Of India

The recent cyber attacks upon India have proved once again that we need to pay more attention to cyber security in India. Cyber security in India is required not only to protect sensitive information stored in the computers of strategic Indian departments and ministries but also to safeguard the present and future critical infrastructure of India.

Not only critical infrastructure protection in India is needed but also critical ICT infrastructure protection in India (CIIP in India) is need of the hour. CIIP in India is an area that requires urgent attention of our policy makers. We must formulate a critical ICT infrastructure protection policy of India as soon as possible.

Similarly, cyberspace crisis management plan of India is also required to be formulated. We must formulate a national ICT crisis management plan of India. Further, Indian crisis management plan against cyber attacks and cyber terrorism must also be formulated.

All these, and many more, aspects must be made a part of the cyber security policy of India. A national cyber security policy of India must be formulated in this regard that is made implementable after a reasonable period. Issues like cyber warfare, cyber terrorism, cyber espionage, international cyber security cooperation, etc must be part of the same.

We need a clear and implementable cyber security strategy of India. The cyber security policy and strategy of India must be techno legal in nature that can take care of both technical and legal aspects of cyber security.

There is no second opinion that national security policy of India is required and cyber security is an essential and indispensable part of the same. The sooner we formulate and adopt the same the better it would be for the larger interests of India.

Friday, September 9, 2011

Jeff Radebe Denies Regulation Of Blackberry’s Messenger Services In South Africa

Research in Motion’s (RIM) Blackberry Service is under fire and facing E-Surveillance Regulations in various Nations. Of course, this is a “gross lack of understanding” of Technology and a “futile exercise” to control the same.

India is one such Nations that believe that E-Surveillance is better than and a substitute of Cyber Security. India seems to be a country that believes that an Internet Kill Switch can be a solution to Cyber Threats. As a result it forced Blackberry to provide a framework that would allow Indian Intelligence Agencies to monitor contents on its Messenger Service. Thus, Blackberry’s Messenger Service is now an E-Surveillance tool in India.

However, we have seen “positive developments” as well. For instance, United Nations has declared that Right to Internet Connection a Human Right. Similarly, recently the Council of Europe’s drafted a Resolution on abuse of State Secrecy and National Security respecting the Civil Liberties. The latest to add to this list is the declaration by South Africa’s Justice Minister Jeff Radebe that South Africa has no plans to regulate Blackberry's encrypted message service BBM for the Cyber Security.

Jeff Radebe said that there were no plans at this stage to regulate the BBM service of Blackberry. His statement came after the Deputy Minister of Communication Obed Bapela recently called for such regulation.

"I have been assigned the portfolio of cyber-security and wish to invite specialists to assist us to determine whether we should regulate applications such as BBM within the context of cyber security," Bapela had said earlier.

The use of BBM in civil unrest in recent weeks in South Africa had raised fears that it could give rise to situations such as that experienced in Arab states.

With countries such as India and Saudi Arabia also recently having proposed regulation for the Blackberry service, legal experts here expressed concern about Bopela's suggestion. However, not only Bopela's viewpoint is right but also ideal as he is inviting the Cyber Security Experts to deliberate upon security related problem that Countries like India and Arab States never do.

Cyber Security problems can be solved only through a “Techno Legal Regime” and not through E-Surveillance and “Oppressive Methods” that India and Arab States are doing. India needs to develop Intelligence Gathering Skills and Cyber Skills to solve it s Cyber Security and National Security related problems.

Monday, July 4, 2011

International Cyber Security Policy Framework And Indian Response

International Organisations are not taking much interest in the field of Cyber Security and prevention of Cyber Crimes. Of course, at the National level countries like US have laid down their International Strategy for Cyberspace.

The Government Departments in US have also shown an increased Cooperation in the field of Cyber Security. Now US Department of Defense (DOD) and Department of Homeland Security (DHS) would share their respective Cyber Security Expertise.

Further, US has also started strengthening its Cyber Security ties with other Nations and India US Homeland Security Dialogue was a part of the same. In fact, India and US have also signed a Cyber Security Cooperation Agreement. Meanwhile International Organisations have also shown their seriousness towards Cyber Crimes and they have started working in this direction.

However, Cyber Security in India is not upto the mark. We have no Cyber Security Strategy in India. Despite the importance of this issue, we have no “Effective and Implementable” Cyber Security Policy in India.

Further, we have no Cyber Warfare Policy of India, Critical ICT Infrastructure protection Policy in India, Data Protection Laws in India, Cloud Computing Policy in India, Cyber Security Laws in India, etc. Important issues like Cyber Crisis Management Plan of India, Cyber Forensics Laws in India, Legal Enablement of ICT Systems in India, etc are still not part of National Policies and Strategies of India.

At the International level we have no International Cyber Law Treaty and International Cyber Security Treaty that are “Universally Acceptable”. Further, the United Nations and other countries have still to Protect Human Rights in Cyberspace that are blatantly violated World over.

Cyber Security is essentially an International Issue and regional efforts are not conducive for the long term security of Cyberspace. For instance, EU has set up a Cyber Crimes Fighter Team, Seoul has formulated its Cyber Security Plan, Scotland Yard established its own Cyber Flying Squad, EU formed CERT Group to fight Cyber Attacks, etc. While these initiatives are timely and praiseworthy yet they are “Regional” in nature and Cyberspace and Cyber Security are International in nature.

Recent Cyber Attacks on Multinational Firms and Institutions ranging from Google and Citigroup to the International Monetary Fund, have raised fears that Governments and the Private Sector are not well equipped to deal with Cyber Attacks. It is high time that we must ensure not only an “International Harmonised Legal Framework” but also a Robust and Effective International Cyber Security Cooperation that is presently missing. India must also prepare itself for the bigger and unforeseen challenges that are waiting for it.

Thursday, June 9, 2011

Cyber Crisis Management Plan Of India

Crisis Management is an important aspect of planning and management of any project or eventuality. If we have a proper Crisis Management Plan, losses of lives and property is minimised to a great extent. We have Crisis Management Plans in India against floods, earthquakes and other natural calamities. However, are we prepared for Cyber Crises in Indian Cyberspace?

India has formulated a Crisis Management Plan for its Cyberspace. However, like other Policies and Strategies in India, it has not been implemented in true letter and spirit. Even the basic level Cyber Security Preparedness in India is not up to the mark.

There are many aspects of a Cyber Crisis Management Plan. For instance, Cyber Security, Cyber Law, Cyber Forensics, Anti Cyber Terrorism Plans, Anti Cyber Espionage Plans, Anti Cyber Warfare Plans, Human Rights Protection in Cyberspace, Critical ICT Infrastructure Protection, etc are some of the “Components” of a Cyber Crisis Management Plan.

Theoretically, India has a Cyber Law in the form of Information Technology Act 2000 (IT Act 2000), Cyber Security in the form of Government Guidelines, Cyber Forensics Practices in Governmental Laboratories alone and so on.

However, practically we have no Cyber Crimes Laws in India as the Cyber Law of India has made almost all the Cyber Crimes “Bailable”. We may have a Cyber Law but India has no Cyber Crimes Law. So Legal Framework for preventing Cyber Crimes is “practically missing” in India.

As far as Cyber Security is concerned, we have no Cyber Security Laws in India and no Cyber Security Policy in India. The Governmental Guidelines are meant for Government Departments alone and even these Government Departments do not follow the same. Government Websites are the most frequently defaced websites in India. Similarly, Government Computers are the “most successfully breached” Computers in India. Computers of Defense Forces, Prime Minister’s Office (PMO), Ministry of External Affairs (MEA), Ministry of Home affairs, etc have been successfully breached without even notice by these Ministries/Offices.

As far as other components of Cyber Crisis Management Plan of India are concerned, even they do not exist in India. We have no Cyber Forensics Laws in India, no Cyber Terrorism Policy in India, no Cyber Warfare Policy in India, no Critical ICT Infrastructure Protection Policy in India and no Human Rights Protection in Cyberspace in India.

In fact, Projects like Aadhar, NATGRID, CCTNS, Central Monitoring System (CMS) of India, etc are openly violating the Human Rights of Indians. These Projects are operating without any Legal Framework, Parliamentary Oversight and Judicial Scrutiny.

Even the basic Privacy Rights in India are missing. It is only now the Law Ministry of India has proposed the Right to Privacy Bill 2011 of India. Further, Data Protection Law in India is urgently required. We also need a Data Security Policy of India so that sensitive information and data of projects like Aadhar, NATGRID, CMS, etc is not “misused” once it falls in the wrong hands.

India cannot have a robust and effective Cyber Crisis Management Plan till it considers these aspects and actually starts working in the direction of achieving these components.

Sunday, April 4, 2010

Techno-Legal Online Cyber Security Research, Training And Educational Centre of India

Cyber security management is a tough task especially if it is techno-legal in nature. In that case one has to manage not only the technical aspects but also the legal aspects. Perry4Law is the leading Techno-legal ICT law firm of World. It has many techno-legal segments like Perry4Law Techno-Legal Base (PTLB), Perry4Law Techno-Legal ICT Training Centre (PTLITC), etc. Perry4Law is also running various online techno-legal research, training and educational centre in India. Techno-Legal Cyber Security Research, Training and Educational Centre is one of them.

Cyber security in India is not in a good shape. India is on the verge of a technology revolution and the driving force behind the same is the acceptance and adoption of Information and Communication Technology (ICT) and its benefits. This technology revolution may, however, fail to bring the desired and much needed result if we do not adopt a sound and country oriented e-governance policy. A sound e-governance policy presupposes the existence of a sound and secure e-governance base as well. The security and safety of various ICT platforms and projects in India must be considered on a priority basis before any e-governance base is made fully functional. This presupposes the adoption and use of security measures more particularly empowering judiciary and law enforcement manpower with the knowledge and use of cyber forensics and digital evidencing, says India’s leading techno-legal expert Praveen Dalal.

India cannot achieve a good cyber security till it takes care of both technical as well as legal aspects of cyber security. There is no doubt about the proposition that Indian Parliament is not technology sound and we need to empower it through ICT. At the same time we must also train the governmental officials holding key positions in crucial ministries and departments about basic technology, cyber law and cyber security. These individuals must be trained suitably so that cyber security of crucial systems may not be compromised.

Cyber security is very important to protect businesses, governments and general public at large. The same must be a part of the national policy of a nation. Another crucial aspect related to a secure and strong cyber security in India pertains to critical ICT infrastructure protection in India. Critical infrastructure is becoming increasingly dependent upon ICT these days. If we are unable to secure an ICT system we are also risking critical ICT infrastructure as well.

On the one hand India has a weak and criminal friendly cyber law whereas on the other hand it does not possess tech-savvy law enforcement machinery. Even lawyers and judges are not that much aware about the nitty-gritty of cyber laws. It is high time for India to take some serious steps towards not only making the cyber law of India stronger but also to streamline cyber security of India.

AUTHOR: RAM K KAUSHIK

SOURCE:
GROUND REPORT

Friday, January 22, 2010

BACKTRACK 4 FINAL RELEASE: AN ESSENTIAL TOOL IN YOUR CYBER SECURITY AND CYBER FORENSICS ARSENAL

The final and stable version of Backtrack 4 series is a wonderful penetration testing, cyber security and cyber forensics tool. It is not only a powerful utility but is also useful for multiple purposes. The best part is that it is available to the security and forensics community free of cost.

Although Backtrack has always been a good tool but its team(s) must be congratulated for not only providing it free of cost but also for keeping pace with the contemporary cyberspace challenges. The latest stable and final release has also added the cyber forensics functionality. The best part about this feature is that it is claimed to be safe from making changes to the system under inspection. Although Perry4Law and Perry4Law Techno-Legal Base (PTLBTM/SM) have yet to test the tool but the claimed features are very promising.

A successful cyber forensics examination must essentially gather both volatile as well as non-volatile data and information. Also during the live analysis of a system, files and data should not be overwritten. Similarly, there should not be any change in the integrity of the information residing on the suspected computer or device. Backtrack 4 meets many of these requirements but it still has to enhance the cyber forensics features further. It is very difficult to provide security and forensics functionalities at the same time yet Backtrack 4 is proceeding in the right direction.

All interested person must give it a try and the same can be downloaded from the website of Backtrack. Perry4Law and PTLB are in the process of analysis and use of Backtrack 4 and would come up with their observations and suggestions. For the time being it would be a good idea to start gaining the basic knowledge of Linux.

We are also analysing other freely available cyber security and cyber forensics distributions. There are many freely available and dedicated cyber forensics distributions that are worth trying. Similarly, there are dedicated cyber security softwares that are freely available. We would be covering them one by one.

Thursday, February 7, 2008

CRITICAL ICT INFRASTRUCTURE PROTECTION IN INDIA: NEED OF THE HOUR

In recent years, the frequency and sophistication of cyber security attacks on global Critical Information and Communication Technology (ICT) Infrastructure (Critical ICT Infrastructure) has greatly increased. Cyber-security experts have been warning of the vulnerability of Critical Infrastructure like Power, Energy, Transportation, Water Systems, etc to malicious hackers. Recently hackers have penetrated power systems in several regions outside the U.S. and in one case caused a power blackout affecting multiple cities. This shows the importance of a “Robust Cyber Security Mechanism” for Critical ICT Infrastructure. The Cyber Security Trends in India are not very encouraging.[1] To worsen the situation we have a weak Cyber Law in India.[2] Critical Infrastructure Protection in India must be taken seriously in the larger interest of Indian Citizens/Persons. Crisis and Risk Management by improving security systems integration, interconnectivity and interoperability would help India a lot.[3] The Power and Energy Sector of India must also take the cyber security risks seriously as their ignorance may bring disastrous results. The Government of India has still not shown its “E-Readiness” to accept this reality despite the suggestions and recommendations of Perry4Law and PTLB TM/SM in this regard. India also performed poorly as per the norms and standards of “UN E-Government Survey-2008”. This work is also an appeal to the Government of India to take “Cyber Security Seriously” in India. Cyber Security is witnessing many important phases and trends. From the perspective of mere “fun game” cyber crimes and contraventions have emerged as “professional activities” and have been transformed into a “profession” itself. No country of the world is safe from various cyber crimes and contraventions and all are struggling hard to tackle them. But the fact remains that law and its enforcement are lagging far behind than the standards and practices needed to effectively curb them. The Cyber Security in India is missing and we have a weak Cyber Law in India. We have to develop technologies and capabilities to protect Indian Citizens/Persons in areas such as transport, civil protection, energy, environment, health, etc. Additionally we have to increase the Security of infrastructures and utilities supporting areas such as ICT, transport, energy and services in the financial and administrative domain, etc. Critical Infrastructure Protection in India must be taken seriously in the larger interest of Indian Citizens/Persons. Crisis Management by improving security systems integration, interconnectivity and interoperability would help people of India a lot. The first step towards establishment of a safe and secure cyber space is enactment of a stringent cyber law. The cyber security initiatives are of no use in the absence of a strong, safe and effective law. Similarly, a strong law unsupported by ICT Security and Cyber Security would be impotent in effect. Thus, we need a “Good Combination” of cyber law and cyber security initiatives. Cyber Law in India is witnessing ups and downs of important dimensions. The journey from its origin to its development is not very smooth and conducive for the ICT oriented Indian society. Perry4Law and PTLB TM/SM have been raising these issues from considerable period of time. Though most of the recommendations given by them have been accepted by the Government of India, yet India has to cover a long distance. India must concentrate upon:

(a) Technology building blocks for creating, monitoring and managing secure, resilient and always available information infrastructures that link critical infrastructures,

(b) Risk assessment and contingency planning for interconnected transport or energy networks,

(c) Modelling and simulation for training of concerned officials and manpower,

(d) Optimised situational awareness through intelligent surveillance of interconnected transport or energy infrastructures,

(e) ICT support meeting crises occurring in critical infrastructures,

(f) Security issues with regard to the interaction of individuals with the digital world, etc.
In today’s electronic era, citizens and businesses expect and demand access to reliable, transparent and uninterrupted e-government services. The State must address the challenges associated with protecting confidential information on its systems while providing these groups with the required information. A reliable and uninterrupted e-governance base requires periodic vulnerability assessments. Perry4Law and PTLB TM/SM believe that if commercial and government organisations reevaluate their security, safety, and financial obligations to customers, shareholders, employees, and citizens, the importance of a properly implemented security vulnerability assessment is apparent. The duty of the State in this regard is not only absolute but is also unavoidable unless we ignore the important lesson that Estonia has learnt recently. Let us hope for the best in this regard in the Indian context.

© Praveen Dalal. All rights reserved with the author.
*Techno-Legal ICT, IPR and Cyber Security Specialist at
PTLB TM/SM
Managing Partner-Perry4Law (First Techno-Legal and ICT Law Firm, New Delhi, India).
LL.M, Ph.D (Cyber Forensics in India: A Techno-Legal Perspective).
Contact at:
perry4law@yahoo.com , pd37@rediffmail.com

[1] Praveen Dalal, “ Cyber Security Trends by PTLB”, http://reclaiming-india.blogspot.com/2007/12/cyber-security-trends-by-ptlb-2007.html

[2] Praveen Dalal, “ Cyber Security Trends by PTLB: Cyber Law in India”, http://reclaiming-india.blogspot.com/2007/10/cyber-security-trends-by-ptlb-cyber-law.html

[3] Praveen Dalal, “ Cyber Security Trends by PTLB: Cyber Terrorism and Risk Management”, http://www.bloggernews.net/111624