Wednesday, 11 January 2017

IT Security in India - A SWOT Analysis

Information Technology (IT) is the vital part of the world order and economy as it eases the lives by bringing automation in many vectors. With the boom, we have started seeing the effects of a new breed of computer artists taking a prominent place in the scene – a. hackers: any highly skilled computer expert capable of breaking into computer systems and networks using bugs and exploits, for resource benefits; b. computer scientists: any personal with significant formal education on the subject and actively working in the academia in building better architecture by looking at the tools we're currently using, how they work now and how they can work in the future.

Our economic vitality, national security and daily life depend on a stable, safe, and irrepressible cyberspace. Cyberspace and its core infrastructure are vulnerable to a wide range of risk stemming from both physical hazards as well as digital misadventures. Sophisticated cyber actors and nation-states exploit vulnerabilities to steal information and money and are developing capabilities to disrupt, destroy, or threaten the delivery of essential services in less developed nations.

While writing, our team conducted a research on the trends and prospectus of information security in India and has come out with a SWOT analysis report. Following are our findings –


Various ministries in India have implemented swadeshi technologies or have their concept note prepared. Few of these initiatives include – ICT implementation by the Ministry of Road Transport and Highways (INAMPRO, FastLane, ePace, INFRACON, etc.) – which also happens to be sourced from a forerunning apolitical campaign named #ITForParivahan – citizen centric crowd sourcing of ideas to improve transportation led by Mr. Vinit Goenka, (Chairman AIM-IT), Ministry of Home Affairs (CCTNS, CIPA, etc), Ministry of External Affairs (passport services and immigration services, etc.), Ministry of Shipping to implement suggestion of the IT Task Force Report released in November 2016. Ministry of Electronics and Information Technology has its indigenous cloud solution ‘MEGHRAJ’ for all government offices. Government is also implementing;, and email addresses to give the government machinery a corporate feel. But, does implementing projects mean that the ball is in favourable court? No.


With the arrival of such technologist work style, data integration in various departments and data security is a huge concern. Many departments have reported data alteration, data loss and data theft from the network – which is a grave threat to national security.

Securing defense, federal and state networks are vital with all the possible tools available – more the swadeshi element, better it is as the response can be quick and data flow could be restricted and monitored as needed.


Reading about the strengths and weakness, we are sure you would want to know the opportunities in the information security industry in coming days.

A. Securing networks – units need to work with federal civilian department and agency to effectively respond to ever-changing threats against their networks.

B. Protecting critical infrastructure – data security agents (physical and digital, alike). By digital, we refer to white hat hackers and physical agents need to train well to dispose hard drives after erasing data irrecoverably.

C. Cyber incident response – private agencies will need support CERT-In to provide assistance to potentially impacted entities, analyzes the potential impact across critical infrastructure, investigate those responsible in conjunction with law enforcement partners, and coordinates the national response to significant cyber incidents.

D. Information security insurance – protects businesses and individuals from Internet-based risks and from risks relating to information technology infrastructure and activities; and provides financial assistance to encourage activities in the space. Information sharing is essential to the protection of critical infrastructure and to furthering cyber-security for the nation.


Threats to information security are from both outside and within the defense. ATM breach that had made chaos at many levels in September 2016 was because of irresponsible attitude in maintaining and monitoring the banking network and relying on inputs from large organizations. Also, hacking of multiple embassy websites that release details of Indian citizens living in those states was because of poorly coded websites with SQL vulnerabilities. Education in this space is inevitable so is proper logical product development in this space.

No comments:

Post a Comment