Cybersecurity: The Intersection of Policy & Technology

The Synergia Foundation brought together Israeli cyber law, regulation and policy expert Deborah Housen-Couriel and Mr. Gaurav Gupta, IAS – Principal Secretary for Information Technology, Biotechnology, and Science and Technology, Government of Karnataka, as well as policymakers, and senior executives from various fields to share their insights on the topic of cybersecurity, policy, and technology. The discussions centered on further deepening collaborations between academia, the government, and business enterprises on how they should work together in coping up with the challenges arising from cyber attacks and cyber warfare. It also emphasized on how India and Israel should learn from one another and join forces in combating these rising cyber threats.

Background

Cybersecurity or information technology security is the technique of protecting computers, networks, programs, and data from unauthorized access or attacks that are aimed for exploitation. Major areas covered in cyber security are Application Security, Information Security, Disaster recovery, and Network Security.

In January, seeking to upgrade their strategic partnership, India and Israel inked nine pacts in key areas, including cybersecurity and oil & gas sectors as a means to boost Indian Prime Minister Narendra Modi’s Make in India initiative. Due to their strong relations, Modi and his Israeli counterpart Benjamin Netanyahu held extensive talks to strengthen ties in strategic areas of defense and counter- terrorism, especially surrounding cybersecurity.

Analysis

The speakers of the talk included Deborah Housen-Couriel, Professor at the Kennedy School of Government, Gaurav Gupta - Principal Secretary for IT, BT, and S&T, Government of Karnataka, and Dana Kursh, Consul General of Israel to South India. The Consul General stated her interest in improving ties between Israel and India, especially regarding how the two nations can learn and guide one another to counter the existing cyber threats affecting the two nations. The Principal Secretary reiterated that India is expected to have a trillion dollar digital economy within the next 10 years, due to the influx of new age technologies, such as automation, artificial intelligence, and the internet of things.

Other participants included K.P.M. Das, Director of Cybersecurity and Trust at Cisco; Former Chief Secretary to the Government of Karnataka Subhash Chandra Khuntia; Naresh Shah, President, India Research & Development at Hewlett Packard Enterprise; M. Chandra Sekhar, Inspector General of Police; and Sunil Abraham, Executive Director of Centre for Internet and Society among others.

Naresh Shah from HP stated that it is crucial for enterprises to come up with a solution in order to safeguard their gear, such as servers and modems from hackers and issue patches for the vulnerabilities as soon as the product is released into the market. The Inspector General of Police from the Criminal Investigations Department said that there is an impending issue of most cyber attacks being an insider threat, which may in turn compromise the credibility of the country or organization.

Another industry expert was concerned about the lack of cybersecurity measures taken by the fintech industry and said that fixing liabilities using a legal framework should be enforced. A Director of Cybersecurity from another large corporation informed the gathering on how policy and technology are now diverging from one another due to technological advancements. He exclaimed that when it comes to cyberspace, there are no neighbors, and hence, threat intervals are difficult to attribute and pose the biggest challenge to cybersecurity. The Former Chief Secretary to the Government of Karnataka stated that in order to curb the impending dangers in cyberspace, cybersecurity training is extremely important from elementary school levels to that of skilled professionals. He added that although a hundred percent cybersecurity may be unattainable, the intersection of technology and policy can lead to techniques like preventing and containing the threat levels and enforcing good cybersecurity practices can be lucrative in the long run.

One of the main takeaways from the talk was that countries should follow Israel’s policy of cyber regulation where cybersecurity is organized on a sectoral basis. Subsequently, with regard to Israel’s financial sector, the Bank of Israel released a document to all banks to enforce the policies that were set forth.

The discussions concluded by the reaffirmation of three key issues. Firstly, infrastructure is seen as one of the biggest challenges to cybersecurity. A method of creatively and effectively using the existing infrastructure should be evaluated. The best minds, policies, and cyber communication should be done through the right kind of infrastructure. Secondly, policy is another key element to cybersecurity. It is crucial to ensure that a nation’s technology level and policy level are accelerating at the same pace. Thirdly, innovation and leadership was seen to be of equal importance. Cybersecurity is a national priority and adequate measures should be taken by enforcing policies around the existing threat.

Assessment

Our assessment is that both India and Israel are known for innovation and have excellent records in terms of research & development, and these skills could be honed in order to develop strategies to overcome risks and challenges in cybersecurity. Extensive training and knowledge sharing is needed in order to make people aware of the implications of cybersecurity. This is critical to ensure that the right measures are taken today in order to come up with better solutions for the coming generations.