On June 2, the government chose Lt Gen MU Nair to serve as the 3rd National Cyber Security Coordinator (NCSC). He will be heading the National Cyber Coordination Centre (NCCC). Lt Gen Nair is replacing Lt Gen (Retd) Rajesh Pant, a Signals Corps veteran. The first NCSC of NCCC was Gulshan Rai.
Lt Gen Nair is an alumnus of the prestigious National Defence Academy. In July 2022, he started serving as the 28th Signal Officer-in-Chief. He formerly held the position of commandant of the Military College of Telecommunication Engineering prior to his appointment as the NCSC. He has also held other significant positions, such as additional director general, chief of staff of a corps, chief of signal intelligence, and command.
Lt Gen Nair is a highly decorated officer and has been awarded Ati Vishisht Seva Medal and Sena Medal. At both the local and international levels, Nair has extensive knowledge of cyber warfare, signal intelligence, and communication and information technologies, which he would leverage in the NCCC.
NCCC has been set up to generate necessary situational awareness of existing and potential cyber security threats and enable timely information sharing for proactive, preventive and protective actions by individual entities. NCSC looks after NCCC and comes under National Security Council Secretariat (NSCS) and coordinates with different agencies at the national level for cyber security matters.
The NCCC is tasked with creating the situational awareness required to identify current and emerging cyber security risks, notifying all pertinent authorities in the event of a cyberattack, and fostering improved cyber intelligence sharing.
The NCCC “streamlines” intelligence gathering by screening all kinds of meta-data and ensuring improved collaboration amongst various intelligence organisations. The NCCC works along with Indian Computer Emergency Response Team (CERT-In) and National Critical Information Infrastructure Protection Centre (NCIIPC). Indian Computer Emergency Response Team (CERT-In) issues alerts and advisories regarding the latest cyber threats and countermeasures on a regular basis. National Critical Information Infrastructure Protection Centre (NCIIPC) has been established for the protection of critical information infrastructure in the country.
The NCSC is now working to update and replace the 2013 National Cyber Security Strategy. A common but differentiated approach (CBDR) will be used in the next National Cyber Security Reference Framework (NCRF), replacing the outdated strategy.
On June 12, the former NCSC Lt Gen (Retd) Rajesh Pant stated that the National Cyber Security Strategy 2023 is in the final stages of being approved. He announced at an event hosted by Persistent Systems Limited in Pune that the initial version of the NCRF document is prepared for public release.
Lt Gen Pant said, “National Cyber Security Strategy 2023 is an important document that supersedes the 2013 policy. From 2013 till 2023, the world has changed as new threats have emerged, calling for a new strategy. The document will be put in the public domain after a final check by the committee to ensure that nothing confidential is released”.
According to Lt Gen Pant, the government has been continuously trying to provide structured guidance on cyber security to the vital sectors of the country, including telecom, electricity and energy, transportation, finance, strategic institutions, government entities, and health. This significant undertaking is led by the National Critical Information Infrastructure Protection Centre as part of a project financed by the National Security Council Secretariat.
He said, “Organisations can use the NCRF to improve their cybersecurity posture, reduce data breach risk or any cybersecurity incident, ensure compliance with regulations and enhance operational efficiency”. He added that the central government has also invested 700 crores in a nationwide project to promote cyber awareness and skill development.
According to the National Cyber Security Coordinator, the Government will release the framework document in a month after reviewing the document. He added the first draft of the framework was created by IIT-Bombay and the IT firm Persistent Systems, and the government later refined it.