Cybersecurity – Significance & Challenges – Explained Pointwise

sfg-2026
ForumIAS LATEST
  1. 09 July | Make Your UPSC Answers More Impactful with Adjectives by Ayush Sinha | Click Here to Watch →
  2. 10 July | From 6 Attempts to AIR 53: Kiran's UPSC Success Journey | Click Here to Watch →
  3. 11 July | Your Friends Reflect Your Values by Ayush Sinha | Click Here to Watch →

cybersecurity

The recent ransomware leak exposing blueprints and supplier data for the Kudankulam Nuclear Plant underscores the growing threat of cyber espionage. While the core reactor networks remained safe and isolated, breaches targeting third-party contractors expose operational vulnerabilities. It highlights that robust cybersecurity is paramount to safeguard critical infrastructure, national security, and public trust.

Table of Content
What is cybersecurity?
What are the major cyber threats faced by India?
What is the significance of cybersecurity for India’s digital economy and governance?
What are the major challenges in ensuring cybersecurity in India?
What measures has the Government of India undertaken to strengthen India’s cybersecurity architecture?
What should be the way forward?

What is cybersecurity?

  • Cybersecurity refers to the body of technologies, processes & practice of protecting computer systems, networks, programs, and data from digital attacks, unauthorized access, damage, or theft. 
  • Cybersecurity is not merely an IT issue. it is a strategic necessity that ensures the confidentiality, integrity, and availability (the CIA Triad) of a nation’s critical information infrastructure.
  • Key Dimensions:
    1. Confidentiality: Ensuring information is accessible only to authorized users.
    2. Integrity: Ensuring data is accurate and unaltered by unauthorized parties.
    3. Availability: Ensuring systems and data remain accessible when needed.
  • The Three Pillars of Cybersecurity:Cybersecurity

What are the major cyber threats faced by India?

  1. Ransomware Attacks: Malicious software that encrypts/locks data, demanding ransom for release. Increasingly targets critical infrastructure and PSU contractors for e.g. the 2026 Kudankulam-linked breach.
  2. Attacks on Critical Information Infrastructure (CII): Targeting power grids, nuclear facilities, banking systems, telecom networks, and transport systems for e.g. 2020 Mumbai power grid outage suspected to involve Chinese state-linked malware (RedEcho).
  3. State-Sponsored Cyber Espionage: Attributed largely to China- and Pakistan-linked Advanced Persistent Threat (APT) groups targeting defence, government, and strategic sectors for intelligence gathering for e.g. China-linked RedEcho and Pakistan-linked Transparent Tribe continuously run target campaigns against the Indian defense sector, aerospace, and government networks.
  4. Cyberterrorism and Radicalisation: Use of encrypted platforms and dark web by terrorist organisations for recruitment, propaganda, fundraising, and coordination.
  5. Data Breaches and Data Theft: Theft of personal, financial, or corporate data from government portals, banks, e-commerce platforms, and healthcare systems. For e.g. AIIMS patient data breach, various Aadhaar-linked data leak controversies.
  6. Financial Cyber Fraud: India is among the world’s leading countries in digital payment volumes. However, a major concern arising from the rapid expansion of digital financial inclusion is the increasing incidence of cyber frauds, including UPI and digital payment frauds, phishing attacks, SIM-swap frauds, and banking trojans.
  7. Social Media Manipulation and Disinformation: The spread of fake news, deepfakes, and coordinated inauthentic behaviour poses a significant threat to democratic processes, social harmony, and national security. Deepfake technology has intensified these challenges.
  8. Supply Chain and Third-Party Risks: Attacks are increasingly entering organizations through third-party service providers or software supply chains. For e.g. Kudankulam 2026 breach – where sensitive data was compromised not from the core nuclear network, but from a contractor’s third-party server.

What is the significance of cybersecurity for India’s digital economy and governance?

  1. Protecting Economic Value and Growth: The digital economy is a significant and growing part of India’s GDP. It contributes 13.42% of GDP. Cybersecurity is essential to protect this economic value from being eroded by financial crimes, data breaches, and ransomware attacks.
  2. Building Digital Trust and Resilience: India’s DPI stack – Aadhaar, UPI, DigiLocker, CoWIN, ONDC -handles billions of transactions and vast citizen data. A breach or systemic compromise could undermine public trust in the entire digital governance architecture that underpins DBT, financial inclusion, and service delivery.
  3. Enabling Trust in E-Governance: Government services (income tax e-filing, e-courts, DigiLocker, GeM procurement) depend on citizens trusting that their data is secure. Cybersecurity breaches in government systems damage the legitimacy of “Digital India” as a governance model.
  4. Securing Critical Infrastructure: Power grids, banking, telecom, transport, and nuclear facilities are increasingly getting connected to each other. A successful attack can cause cascading economic and safety consequences. Economic sectors like BFSI (banking, financial services, insurance) are prime targets given their centrality to GDP.
  5. National Security Dimension: Cyberattacks are now a recognized tool of hybrid warfare. Espionage, sabotage of defence networks, and disinformation campaigns directly threaten sovereignty and internal security.
  6. Enabling India’s Global Digital Leadership Ambitions: India champions DPI exports (UPI stack, Aadhaar model) to Global South countries. Credible cybersecurity practices are essential to sustaining this soft-power and technology-diplomacy role e.g. G20 DPI agenda, India-UAE UPI linkages.
  7. Protecting Citizen Rights and Constitutional Values: Post the Justice K.S. Puttaswamy judgment (2017) recognizing privacy as a fundamental right under Article 21, cybersecurity is integral to operationalizing the right to privacy in the digital realm, especially under the DPDP Act, 2023.
  8. Economic Cost of Cyber Incidents: Cyberattacks impose direct costs (ransom, remediation, downtime) and indirect costs (reputational damage, regulatory penalties, loss of investor confidence). In 2024 alone, India reported cyber fraud losses exceeding ₹22,845 crore, with over 36 lakh fraud cases logged. 

What are the major challenges in ensuring cybersecurity in India?

  1. Fragmented Institutional Architecture: Multiple agencies such as CERT-In, NCIIPC, I4C, RBI, SEBI, and TRAI are involved in cybersecurity. However, overlapping responsibilities and limited coordination among them often create confusion in incident response and accountability. Moreover, India lacks a single unified cybersecurity authority or national cyber command to coordinate efforts effectively.
  2. Weak Supply Chain and Third-Party Security: Weak cybersecurity practices among contractors, vendors, and third-party service providers pose a major risk to critical infrastructure. The Kudankulam data leak exposed this vulnerability, highlighting the need for mandatory cybersecurity audits of vendors in strategic sectors.
  3. Legacy and Outdated IT Systems: Many public sector systems, especially in critical infrastructure (power, railways, PSU banks), run on legacy software with unpatched vulnerabilities, increasing exposure to exploitation.
  4. Dependence on Foreign Technology: A significant portion of India’s cybersecurity infrastructure (estimated at 30-40% in critical segments) depends on foreign “black-box” technologies. This creates supply chain risks in a volatile geopolitical environment and undermines strategic autonomy.
  5. Shortage of Skilled Cybersecurity Workforce: India faces a significant shortage of trained cybersecurity professionals, limiting its ability to prevent, detect, and respond to cyber threats. The country has an estimated 300,000 cybersecurity professionals, but this falls far short of demand. A shortage of 1 to 1.5 million skilled workers is projected, with about 39,000 positions currently unfilled.
  6. Low Cybersecurity Awareness and Cyber Hygiene: A lack of awareness about cyber threats, weak passwords, unsafe online practices, and poor adherence to security protocols make individuals and organizations vulnerable to phishing, malware, identity theft, and financial fraud.
  7. Inadequate Regulatory and Legal Framework: India’s cybersecurity governance is constrained by an evolving regulatory framework that has not fully kept pace with the rapidly changing cyber threat landscape. The primary law governing cybercrime, the Information Technology (IT) Act, 2000, was enacted before the emergence of modern threats such as ransomware, deepfakes, AI-enabled cyberattacks, and large-scale data breaches.
  8. Rise of Sophisticated and Evolving Threats: Ransomware-as-a-service, AI-generated phishing/ deepfakes, and zero-day exploits evolve faster than defensive capacities. State-sponsored APT groups (often linked to China and Pakistan) possess resources and sophistication that outpace many Indian institutions’ defensive capabilities.

What measures has the Government of India undertaken to strengthen India’s cybersecurity architecture?

Institutions & Bodies 
  • CERT-In (Indian Computer Emergency Response Team): The national nodal agency for responding to cybersecurity incidents. It issues alerts, conducts mock drills, coordinates response, and provides guidelines on security practices.
  • NCIIPC (National Critical Information Infrastructure Protection Centre): Nodal agency for protecting Critical Information Infrastructure (CII). It provides threat intelligence and advice to sectors like power, banking, and transport.
  • I4C (Indian Cybercrime Coordination Centre): Established by the MHA to combat cybercrime in a coordinated manner. It manages the National Cybercrime Reporting Portal and the Cyber Fraud Mitigation Centre.
  • NCCC (National Cyber Coordination Centre): Operates as a control room to scan cyberspace for threats. It shares metadata with other agencies for coordinated action.
  • NCSC (National Cyber Security Coordinator): Coordinates cyber security efforts among different agencies under the National Security Council Secretariat.
  • CyMAC (Cyber Multi Agency Centre): A unified platform for real-time monitoring, threat intelligence sharing, and coordinated response among agencies like IB, CERT-In, and NCIIPC. 
Legal, Regulatory and Policy Framework
  • IT Act, 2000 (amended 2008): Primary legislation criminalizing hacking, data theft, and cyberterrorism (Section 66F).
  • Digital Personal Data Protection Act (DPDPA), 2023: This Act is a major step forward, creating a comprehensive framework for processing personal data, emphasizing accountability, informed consent, and mandatory breach notifications.
  • National Cyber Security Policy, 2013: India’s first comprehensive policy framework. It aims to create a secure cyber ecosystem, strengthen the regulatory framework, and train cybersecurity professionals.
  • National Cyber Security Strategy: Envisages a 5-pillar approach: secure (large-scale digitization), strengthen (proactive defence), synergise (institutional coordination), skill (capacity building), and safeguard (citizen protection).
Capacity Building & Awareness 
  • Cyber Surakshit Bharat (CSB) Initiative: A public-private partnership program that has trained over 1,662 Chief Information Security Officers (CISOs) and IT officials.
  • CERT-In Training Programs: CERT-In trained 12,014 officials in 2024 on securing IT infrastructure and mitigating cyberattacks.
  • Cyber Swachhta Kendra (CSK): A citizen-centric initiative that provides free botnet cleaning and malware removal tools, extending the vision of “Swachh Bharat” to cyberspace. 

What should be the way forward?

  1. Building Domestic Cyber and AI Capacity: India must build indigenous technology across models, data, and computing infrastructure, as there is “no other option” given the sensitive nature of national systems. This includes developing sovereign alternatives in cloud, email, and operating systems to reduce dependence on foreign supply chains and protect metadata.
  2. Unified and Updated Legal Framework: Enact a comprehensive, dedicated Cybersecurity Act (moving beyond the IT Act, 2000) that addresses ransomware, AI-enabled threats, and critical infrastructure protection with clear penal and civil liability provisions. Finalize and adopt a revised National Cyber Security Strategy to replace the outdated 2013 policy, with clear timelines and measurable targets.
  3. Strengthening Institutional Coordination: Establish a unified national cybersecurity authority to improve coordination among agencies such as CERT-In, NCIIPC, NSCS, and sectoral regulators. This would reduce fragmentation, ensure clear responsibilities, and provide a single point of accountability during cyber incidents.
  4. Building a Future-Ready Cyber Workforce: India must invest in cybersecurity education, skill development, and continuous training to address the shortage of cyber professionals. Scale up dedicated cybersecurity education (undergraduate/postgraduate programs, CoEs) and public-private training partnerships to close the skilled workforce gap.
  5. Citizen Awareness and Cyber Hygiene: Expand digital literacy and cyber awareness programmes such as Cyber Surakshit Bharat and ISEA, especially for first-time internet users, to promote safe online practices amid the rapid growth of smartphones and UPI-based transactions. Integrate basic cybersecurity education into school and college curricula.
  6. Technology and Infrastructure Modernization: India must continuously upgrade its cybersecurity infrastructure by adopting advanced technologies such as Artificial Intelligence (AI), Machine Learning (ML), threat intelligence platforms, and secure cloud systems. Phase out legacy IT systems in critical infrastructure through time-bound modernization programs.
UPSC GS-3: Cybersecurity
Read More: The Hindu
Print Friendly and PDF
Blog
Academy
Community