+918988885050

+918988886060

Cybersecurity
Information Technology Act, 2000: “Cyber security means protecting information, equipment,
devices computer, computer resource, communication device and information stored therein from
unauthorised access, use, disclosure, disruption, modification or destruction.”
According to EY’s latest Global Information Safety report, India has one of the highest number of cyber
attacks and the country ranks second in terms of targeted attacks.
Cyber Criminals: Seeking commercial gain from hacking banks and financial institutions as well as
phishing scams and computer ransomware. Phishing is a broad term for cyberattacks that use social
engineering to trick victims into paying money, handing over sensitive information, or downloading
malware.
Cyber Terrorists with the mission to penetrate and attack critical assets, and national infrastructure
for aims relating to political power and “branding”.
Cyber Espionage: Using stealthy IT malware to penetrate both corporate and military data-servers in
order to obtain plans and intelligence.
Cyber Hacktivists: Groups such as “Anonymous” with political agendas that hack sites and servers to
virally communicate the “message” for specific campaigns.
+918988885050
+918988886060
 +918988885050
+918988886060

Cybersecurity in India

Current Situation
• National Crime Records Bureau (NCRB): India saw a rise of 24% in cybercrimes registered
in 2022 compared to 2021.
• Internet Crime Report for 2021, released by USA’s FBI: India stands third in the world among
the top 20 countries that are victims of Internet crimes.
• The global WannaCry ransomware attack took its toll in India with several thousands
computers getting locked down by ransom seeking hackers. The attack also impacted systems
belonging to Andhra Pradesh police and state utilities of West Bengal.
• The Petya Ransomware attack in 2017 impacted the container handling functions at a terminal
operated by Danish firm at Mumbai’s Jawaharlal Nehru Port Trust.
 +918988885050
+918988886060

Steps taken by Government in Cybersecurity

National Cybersecurity Strategy 2020
• Focuses on 21 areas to ensure a safe, secure, trusted, resilient, and vibrant cyberspace for
India.
• Supply chain security: Monitoring and mapping of the supply chain of the Integrated circuits
(ICT) and electronics products.
• Critical information infrastructure protection
• Digital payments
• State-level cyber security
• Security of small and medium businesses

National Cybersecurity Policy 2013

• Set up a 24×7 National Critical Information Infrastructure Protection Centre (NCIIPC) for
protecting critical infrastructure of the country
• Create a task force of 5,00,000 cyber security professionals in next five years.
• Provide fiscal schemes and benefits to businesses for adoption of standard security practices.
• Designate CERT-In as the national nodal agency to coordinate cyber security related matters
and have the local (state) CERT bodies to co-ordinate at the respective levels.
• Engage information security professionals / organizations to assist e-Governance initiatives

India’s Computer Emergency Response Team (CERT-In)

• Serves as the national agency in charge of cyber security
• CERT-Fin has also been established based as a specialized agency on the recommendation of
a sub committee of the Financial Stability and Development Council (FSDC) to tackle threats
related to the financial sector.

National Cybersecurity Coordination Centre (NCCC)

• India’s cyberspace intelligence agency under CERT-In.
• Screens communications metadata coming into the country to detect real-time cyber threats
• Functions under the IT ministry

National Critical Information Infrastructure Protection Centre (NCIIPC)

• National Nodal Agency in respect of Critical Information Infrastructure Protection.
 +918988885050
+918988886060

• All organisations providing digital services have been mandated to report cyber security
incidents to CERT-In expeditiously.
• CERT-In, in turn, issue alerts and advisories regarding cyber threats and counter measures to
all the stakeholders.

Indian Cyber-Crime Coordination Centre (I4C) and Cyber Warrior Police

Force
• To tackle internet crimes such as cyber threats, child pornography and online stalking.
• Indian Cyber Crime Coordination Centre (I4C) has been designated as the nodal agency in the
fight against cybercrime.
• India created a National Counter Ransomware Taskforce, on the lines of the International
Counter Ransomware Taskforce, with representation from the finance and legal affairs
departments, under the MHA.

Cyber Swachchta Kendra (CSK)

• MeiTY launched the Cyber Swachchta Kendra–Botnet Cleaning and Malware Analysis Centre
for analysis of malware and botnets that affect networks and systems.
• This centre will work in coordination with the internet service providers (ISPs) and Industry and
will also enhance awareness among citizens regarding botnet and malware infection.

Global initiatives
Budapest Convention
• Only multilateral treaty on cyber security that addresses Internet and computer crime.
• Focus is on harmonizing national laws, improving legal authorities for investigative techniques
and increasing cooperation among nations.
• Developing countries including India have not signed it stating that the developed countries led
by the US drafted it without consulting them.
 +918988885050
+918988886060

ICANN Internet Corporation for Assigned Names and Numbers

• Non-profit public benefit corporation and also a global multi-stakeholder organization that was
created by the U.S. government.
• Coordinates the Internet Domain Name Servers, IP addresses and autonomous system
numbers.
• Now an international, community-driven organization independent of any one government.

Digital Personal Data Protection Act, 2023

Background
• 2017: SC - “Privacy is a fundamental right” (K.S. Puttaswamy case)
• Justice Srikrishna Committee proposed the initial draft of the Personal Data Protection (PDP)
Bill in 2018.
• After multiple consultations, it became the DPDP Act 2023.

Features of the Act

• It protects digital personal data by providing: The obligations of Data Fiduciaries (that is,
persons, companies and government entities who process data) for data processing; The rights
and duties of Data Principals (that is, the person to whom the data relates);
• Establishes Data Protection Board of India (DPBI) for Monitoring compliance and imposing
penalties.
• Allows the transfer of personal data outside India, except to countries restricted by the
government.
• Data fiduciary will not undertake any processing that has a detrimental effect on the well-
being of a child.

Previous year questions

• What are the different elements of cyber security? Keeping in view the challenges in cyber
security, examine the extent to which India has successfully developed a comprehensive
National Cyber Security Strategy. (2022)
• Keeping in view India’s internal security, analyse the impact of cross-border cyber attacks. Also
discuss defensive measures against these sophisticated attacks. (2021)
• Discuss different types of cyber crimes and measures required to be taken to fight the menace.
(2020)
• What is CyberDome Project? Explain how it can be useful in controlling internet crimes in India.
(2019)
 +918988885050
+918988886060

• Data security has assumed significant importance in the digitized world due to rising cyber-
crimes. The Justice B. N. Srikrishna Committee Report addresses issues related to data
security. What, in your view, are the strengths and weaknesses of the Report relating to
protection of personal data in cyberspace? (2018)
• Discuss the potential threats of Cyber attack and the security framework to prevent it. (2017)
• Discuss the advantage and security implications of cloud hosting of server vis-a-vis in-house
machine-based hosting for government businesses. (2015)
• Considering the threats cyberspace poses for the country, India needs a “Digital Armed Force”
to prevent crimes. Critically evaluate the National Cyber Security Policy, 2013 outlining the
challenges perceived in its effective implementation. (2015)

Role of Media and Social networking sites

Media
 +918988885050
+918988886060

Role of Media in India

 +918988885050
+918988886060

Ideal role of media

• Media as an instrument of expression
• Media as the Fourth Estate
• Educating people through media
• Mass Media can also help in bringing change
• Media promoting distribution of goods
• Role of Media in Nation Building
• Raising awareness
• Shape the perceptions of government
 +918988885050
+918988886060

National Security & Media

Threats posed by the media to Internal Security
• Sensationalization of every news item without any verification.
• Analysis of national security issues by groups of former diplomats, generals and academia’s
arm chair strategists distorts national security perspectives.
• Anchors lack political and strategic maturity to discuss national security issues as their Western
counterparts do.
• No space for contrary views and perspectives
 +918988885050
+918988886060

Existing Regulations and Restrictions

“The coverage of the Mumbai terror attack by the mainstream electronic
media has done much harm to the argument that any regulatory mechanism
for the media must only come from within”, the Supreme Court 2012
Supreme court - “Any attempt to justify the conduct of the TV channels by citing the right to freedom
of speech and expression would be totally wrong and unacceptable in such a situation. The freedom
of speech and expression, like all other freedoms under Article 19, is subject to reasonable
restrictions. An action tending to violate another person’s right to life guaranteed under Article 21 or
putting the national security in jeopardy can never be justified by taking the plea of freedom of speech
and expression.”
• Article 19 deals with the freedom of speech and expression broadly highlights the powers and
functions of the media as a body of information.
• Articles 105(2) and 194(2) allow the Indian Press to publish or report the proceedings of the
parliament and the state legislatures.
• Press Council Act of 1978 and the National Security Act of 1980 puts restrictions on the Indian
press.
Broadcasting Code
Adopted by the Fourth Asian Broadcasting Conference in 1962. It set up to govern the All India Radio,
but the following key principles have also been followed by all Indian Broadcasting Organizations.
• Objective presentation of news and fair and unbiased comment
• Raising and maintain high standards of decency and decorum in all programmes
• Providing programmes for the young to inculcate the principles of good citizenship.
• Promoting communal harmony and religious tolerance
• Treating controversial public issues in an impartial and dispassionate manner.
• Respecting human rights and dignity

Broadcasting Content Complaints Council (BCCC)

• Independent self-regulatory body set up by the Indian Broadcasting and Digital Foundation
(IBDF) in June 2011.
• To implement self-regulatory guidelines for non-news channels, including general entertainment
channels, kid’s channels, and special interest channels.
• Any viewer can lodge a complaint about issues related to television programmes
Composition
• BCCC is composed of 13 members.
• One chairperson
• Four non-broadcast members
• Four members from the national-level statutory commissions
• Four members from the broadcast industry
 +918988885050
+918988886060

How does BCCC work?

In the case of a valid complaint, the respective channel is asked to provide their view on the offending
content within one working week of receipt of a letter from BCCC.
Post evaluation of the channel’s response, if the BCCC committee is not satisfied, it has the power to
pass a directive asking for necessary modifications or withdrawal of such content; failing which, the
BCCC sends out a detailed report to the Ministry of Information and Broadcasting within 24 hours.
 +918988885050
+918988886060

Negative impact of Social Media on Democracy

• Foreign Interference
• Fake News
• Echo Chambers
• Political Harassment
 +918988885050
+918988886060

Key issues
Social Media Regulation
• Lack of privacy: Stalking, identity theft and personal attacks
• Cyber bullying
• Fake news
• Trolling
• Accountability issues
• Jurisdictional challenges
• Anonymity

Information Technology (Intermediary Guidelines and Digital Media

Ethics Code) Rules, 2021
• Users must be educated about privacy policies, avoiding copyrighted material, defamatory
content, or anything that threatens national security or friendly relations.
• Online intermediaries, including social media platforms like Facebook and internet service
providers like Airtel, must prevent the spread of inaccurate information about the Indian
government.

Media trials
• Jessica Lal case
• Sushant Singh Rajput case
• Arushi Talwar case
• Rhea Chakraborty Drug Case
 +918988885050
+918988886060

Data Localisation
Data localization is a concept that the personal data of a country’s residents should be processed and
stored in that country. It may restrict flow entirely or allow for conditional data sharing or data mirroring
(in which only a copy has to be stored in the country).
There is a growing perception that data localization will aid countries asserting sovereignty in digital
domain, ensure informational security of its citizens & fare better in governance.

Need for Data Localisation

• Economic development of the country: Data is the new oil. Large scale data is a necessity to
train new age AI models.
• Increase India’s tax revenue
• Maintain data sovereignty & citizens’ data privacy
• Issue of national security
Measures towards Data Localisation
• The Digital Personal Data Protection Act 2023 brings into effect data localization requirements
– stipulating that sensitive personal data must be stored within India, thereby placing a
geographical boundary on where certain types of data can be stored and processed.
• A similar clause was incorporated in Government’s draft e-commerce policy, which
recommended localization for “community data generated by users in India from various sources
including e-commerce platforms, social media, search engines etc.”

Social Media regulations in India

 +918988885050
+918988886060

Previous year questions

1. Mob violence is emerging as a serious law and order problem in India. By giving suitable
examples, analyze the causes and consequences of such violence. (2017)
2. Use of internet and social media by non-state actors for subversive activities is a major security
concern. How have these been misused in the recent past? Suggest effective guidelines to curb
the above threat. (2016)
3. Religious indoctrination via social media has resulted in Indian youth joining the ISIS. What is
ISIS and its mission? How can ISIS be dangerous to the internal security of our country? (2015)
4. “The diverse nature of India as a multi-religious and multi-ethnic society is not immune to the
impact of radicalism which is seen in her neighbourhood? Discuss along with strategies to be
adopted to counter this environment. (2014)
5. What are social networking sites and what security implications do these sites present? (2013)