Realpolitik-Breaking News from India Everytime

How secure will cyberspace be in 2007

The single-most important aspect of the world of the Internet will be cyber security—and India might be in the thick of trying to solve problems such as spamming and identity theft. Certainly, everyone's gearing up for a year of firefighting.

By Subimal Bhattacharjee

The medium of cyberspace has been growing over the past few years with more and more people using the medium of the Internet to communicate and do business. The impact of the Internet has been so profound that in the past 10 years it has spread to almost every part of the globe.

However, along with the advantages that it has brought, the Internet has also laid before us many issues to tackle, including security of the medium itself. So, with the onset of every new year, trends in cyberspace is among those areas that are gaining currency among ordinary users.

For the year 2007, the most testing point for cyberspace will be how secure the medium will remain. There will be close scrutiny over the pace and sophistication of cyber attacks. Today, the fear of cyber attacks is profound, considering the fact that anonymity and the absence of physical and geographical barriers allows attackers to strike with ease and remain largely unharmed.

There has been an exponential increase in the incidents of malware (malevolent software) attacks such as viruses, worms and Trojans, an increase in phishing and email fraud, an increase in terrorists' usage of the medium for communication and even launching extortion, fundraising and recruitment drives.

Even organised crime syndicates have taken to attracting hacking talents for online criminal activities such as identity theft and money-laundering. How much of that can be checked and controlled is today a moot question. Also, the capacity and the orientation of law enforcement agencies to live up to these challenges will be more closely scrutinised.

The focus will also be more on preparedness and international cooperation of law enforcement agencies. Over the past five years, there has been increased spending on security by various governments, as has been the need to look at cyber security from the point of view of critical information infrastructure protection (CIIP) and as part of the national security apparatus.

The business world has been investing in network security, with cyber security decisions now coming down from the top management instead from the technical head. The year 2007 will see more investments on response and alerting services and solutions from the corporate world. Governments will focus more on stronger law enforcement training as well as building up a robust CIIP infrastructure.

Also in focus will be the outsourcing industry, which depends a lot on the security of the communication medium and the security practices in offshore destinations. A few incidents in 2006 showed how data need not necessarily be safe in transit—or even in a foreign call centre—and that even in-shore facilities, there are regular incidents of data theft. There will be more national level efforts to achieve some security best practices at a global par. At the same time, increased global competition to garner even more outsourcing opportunities will drive companies involved towards better security practices.

Spam will continue to dominate corporate and individual attention. There has been no respite from the plague, despite efforts, including legislations, from industry and international bodies. Spam still occupies almost 70 per cent of all email traffic. The year 2007 will see more concerted action to tackle and reduced the spread rate of spam.

The existing regional and global alliances to stop spam will have stronger roles to play, with the support of industry giants. Tackling the menace of pirated software will gain momentum during the year, largely because efforts till date have not yielded the desired results.

From the Indian perspective, there will be more actions in cyber security this year. The Bill to amend the Information Technology Act 2000 (IT Act) that was introduced in Parliament in the 2006 Winter Session will be debated and passed during this year, and efforts to address cyber security will get more teeth. The amendments will look into many of the specific acts of cyber crimes and also address data protection more closely.

The domestic IT industry in India grew by more than 20 per cent in 2006, and a similar prediction can also be made for this year. There will be more investments and more players in the Indian cyberspace. Also the implementation of the National E-Governance Plan will gain more momentum during the year. Participation in government-related online transactions will also increase during the year as more and more citizen-centric applications will go online.

Even the bulk of the Indian BPO companies will be more focused towards better security practices in the face of the scattering of infiltrative incidents. While there is no doubt that most Indian BPO companies today adhere to some of the best security standards, there will be a constant endeavour towards improvement since cyber security is still an evolving area. The year will most likely see the setting up of a dedicated organisation to handle CIIP.

Already, the computer-related incident response and advisory organisation, CERT-In, has been functioning under the ministry of communications and information technology for the past two years. So far, it has done a splendid job. CERT-In should get more teeth during 2007 with the passage of the amendments to the IT Act.

India's role in global cyber security matters will also be prominently seen this year. Cyberspace security is the key driver of the efforts on Internet governance undertaken by the UN over the past four years. The two summits and the recent meeting of the Internet Governance Forum in October last at Athens saw a strong Indian participation. A muscular Indian presence in the global software community also gives the country scope to play a responsible role in securitising the global cyberspace.

The year 2007 will also see more maturity in the Indian IT industry. The focus on enhancing software export capabilities and applications will definitely be there; and with more competition from global markets, there will be more concentration on niche areas and investments in projects related to cyber security. Already, Indian companies are moving up on the value chain in the security software space. The focus should be there to make India a destination for secure software development and computing.

Of course, a lot will depend on the nature of political and economic stability across the globe: cyberspace will be affected by any developments in these two fields. Meanwhile, we all can yearn for a better online experience in 2007.

(The author writes on cyber security policies)