While talking about the ‘global commons’, it is important to add a more orthogonal perspective, vis-à-vis India and the other members of the emerging countries. In this context, it is necessary to accord due regard to global practices and global standards, on which so much work is being done, albeit in fragments.
Geopolitics governs much of the sovereign pressures today, and in that, there is a tendency for people to look inward and strengthen their defences. But one can do this, even while absorbing global best practices and building on existing standards.
RISKS & CHALLENGES
Those who grew in the late 1980’s client-server times may observe that cloud is actually no different from setting up novel networks. In a way, one must go back to those basics of ‘extensibility, scalability, resilience, responsiveness, and the ability to manage’. Moreover, there is a felt need for some degree of control – similar to that of a control plan in some of these networks – and fully appreciate it.
While the governance mechanism needs it, it is important to keep in mind the dichotomy here and the need for a fine balance. If the controls move to one end, then all the advantages of being in the cloud are lost, and it raises uncertainty of its security. Because the cloud is not all of it, it eventually delivers services at the endpoints.
The second challenge is in the whole movement from ‘quality of service’ to ‘quality of experience’. It may not matter as much for a citizen in New York or London, but it matters to a villager in India who is going to consume through the Digital India stack application. The goal is to provide the same experience as in Rajeev Chowk in Delhi to a village in Jharkhand. This inequity/equity problem is a clear challenge. For countries like India, Brazil, or South Africa, this ‘middle mile’ problem is challenging and needs to be addressed.
COMING TO GRIPS
Given the ambitious objectives set by the Indian government, it is important to highlight the need to improve the talent pool – we are talking about half a million cyber professionals by the year 2025. The data from CISCO’s ‘NETACAD’ shows that India has the largest and fastest-growing, cyber-hungry demographic in the world.
It is an area of concern if India does not get cyber-professionals or the talent aspect in place. It could be compared to the Y2K moment for India – which was a tipping point to take India into hundreds of billions of dollars of IT cells – all over again. The next tipping point for India is to be known as the ‘cybersecurity services capital’ of the world.
The country needs security operation centres, level one and level two personnel, and cyber analysis. It is also worth mentioning that everything comes with a cost. And there are no better people to understand this than those at the bottom of the pyramid today who wants to get into digital India or the digital world without a laptop, without a server – into the cloud.
While India, Brazil, South Africa and Indonesia may be the best countries to come together and develop this model, there is a lot of investment in innovation required. Enabling bottom-up high design security, which is intrinsic to everything, ensures this. So, there will no longer be security engineers, rather just engineers who understand security. This is crucial to address due to the frequency of this issue faced in the market daily.
Forty per cent of India’s business is potentially waiting to be digitally enabled if security at near- zero cost can be provided. Lastly, enhancing private-public sector cooperation is equally important. Countries that lead the pack in the maturity graph of cloud services are those that have innovated their private-public working model beyond strategy and policy. What India lacks is monthly or once-in-three months meetings between teams with senior representation on both sides, putting away their company or department insignias and coming together to develop a collective good for their country.
To this, S Chandrasekhar from Microsoft responded that such private-public partnerships are already happening. He points out that they have collaborated with Data Security Council of India (DSCI) and also with the Office of Dr Pant. Additionally, Microsoft also runs a program called Cyber Siksha aimed at increasing cyber security awareness among government officials. Around 1200 officers have been trained till date.
Col KPM Das (Retd), is the National Cyber Security Officer at CISCO. Prior to tenures in the IT industry, KPM was with the Indian Army for 25 years.