Govt gets real on cyber terror

The Indian Government seems to have finally woken up to the threat of cyber terrorism, and is putting together a full-fledged Crisis Management Plan for countering cyber attacks like the recent one on Indian embassies.

Having identified critical sectors that could be vulnerable to cyber attacks, the Ministry of Communications & Information Technology has issued security guidelines to all ministries and government departments asking them to set up 24x7 cyber control rooms, implement information security best practices, deploy information security experts, formulate their own information security policies and ensure background checks of all personnel employed in IT divisions. Henceforth, the National Crisis Management Committee (NCMC) headed by the Cabinet Secretary will also be monitoring all national-level cyber crises.

The Armed Forces, defence production and research, power, oil and gas, stock exchanges, depositories, banks and financial institutions, space research installations, Internet services, telecom and data centers, broadcasting services, railways, civil aviation, shipping and surface transport, public utilities and law enforcement agencies have been identified as critical sectors, with both public and private installation marked as vulnerable.

The plan mandates that central administrative departments under each critical sector will set up 24-hour control rooms which will get activated immediately after a crisis situation is reported and also prepare detailed contingency plans. Each organisation has also been directed to screen and do background checks of all employees engaged in implementing and monitoring cyber security and crisis management plans including contractors and third party users. This screening entails that each employee be checked for satisfactory character references, accuracy of CVs, claimed academic and professional qualifications, credit checks, criminal record checks and independent identity checks in the form of passport or similar documents.

Organisations have also been directed to implement periodic IT security risk assessments, back up of files critical to mission accomplishment, security awareness training of personnel and periodic testing and evaluation of technical security measures.

... contd.

Please read our terms of use before posting comments
TERMS OF USE: The views, opinions and comments posted are your, and are not endorsed by this website. You shall be solely responsible for the comment posted here. The website reserves the right to delete, reject, or otherwise remove any views, opinions and comments posted or part thereof. You shall ensure that the comment is not inflammatory, abusive, derogatory, defamatory &/or obscene, or contain pornographic matter and/or does not constitute hate mail, or violate privacy of any person (s) or breach confidentiality or otherwise is illegal, immoral or contrary to public policy. Nor should it contain anything infringing copyright &/or intellectual property rights of any person(s).
comments powered by Disqus