New Delhi, July 3, 2013: India has formulated a National Cyber Security policy, even as government formulates a measured response to swirling revelations about large scale snooping by the US on friend and foe alike. 
Releasing the policy onj Tuesday, Kapil Sibal, Union Minister for Communications and IT said this policy should be seen as about protecting of information, such as personal information, financial/banking information, sovereign data etc. He also flagged the need to distinguish between data which can freely flow and data which needs to be protected. He also stated that the government, through incentives and subsidies will need to support Small and Medium Enterprises for accessing the technology to make their systems safe. He called on businesses to set aside finances for keeping themselves safe in cyber space.

Key points of the Policy:

• This policy aims at facilitating creation of secure computing environment and enabling adequate trust and confidence in electronic transactions and also guiding stakeholders actions for protection of cyber space.

• The National Cyber Security Policy document outlines a road-map to create a framework for comprehensive, collaborative and collective response to deal with the issue of cyber security at all levels within the country.

• The policy recognises the need for objectives and strategies that need to be adopted both at the national level as well as international level.

• The objectives and strategies outlined in the National Cyber Security Policy together serve as a means to:

i. Articulate our concerns, understanding, priorities for action as well as directed efforts.

ii. Provide confidence and reasonable assurance to all stakeholders in the country (Government, business, industry and general public) and global community, about the safety, resiliency and security of cyber space.

iii. Adopt a suitable posturing that can signal our resolve to make determined efforts to effectively monitor, deter & deal with cyber crime and cyber attacks.

Salient features of the policy

In brief, the National Cyber Security Policy covers the following aspects:

• A vision and mission statement aimed at building a secure and resilience cyber space for citizens, businesses and Government.

• Enabling goals aimed at reducing national vulnerability to cyber attacks, preventing cyber attacks & cyber crimes, minimising response & recover time and effective cyber crime investigation and prosecution.

• Focused actions at the level of Govt., public-private partnership arrangements, cyber security related technology actions, protection of critical information infrastructure and national alerts and advice mechanism, awareness & capacity building and promoting information sharing and cooperation.

• Enhancing cooperation and coordination between all the stakeholder entities within the country.

• Objectives and strategies in support of the National cyber security vision and mission.

• Framework and initiatives that can be pursued at the Govt. level, sectoral levels as well as in public private partnership mode.

• Facilitating monitoring key trends at the national level such as trends in cyber security compliance, cyber attacks, cyber crime and cyber infrastructure growth.

Link to text of National Cyber security Policy 2013 ( 10 pages PDF)
Early  media comment:
Experts call cyber security policy too vague  Business Standard July 2 2013
Cybersecurity Policy: skewed and late  Deccan Chronicle July 2 2013