|
Shri Vijay Shankar, Director, CBI;
Shri M.L. Sharma, Special Director, CBI;
Mr. Ronald K. Noble, Secretary General, Interpol;
Distinguished Delegates from various Countries and International Organizations;
Members of the Media;
Members of Organizing Committee and Friends,
It gives me great pleasure to be here amidst you all on this important occasion; important because this conference has dealt with a fundamental responsibility of any State – that is providing security to its citizens. Today, when cyber world is becoming as relevant as the physical world, maintaining law and order and prevention and detection of crime in the cyber world has become a genuine need of people and a fundamental responsibility of Governments. Information and Communication Technology, which is the foundation stone of the cyber world, is likely to come under serious onslaught of cyber crimes. If left unchecked, Cyber Crimes are likely to pose a significant threat to the exploitation of full potential of Information and Communication Technology for the benefit of the mankind. Information and Communication Technology has a great potential for improving the quality of life of citizens by lending transparency in Governance, cost-effectiveness of delivery of public services at a quick pace, informed decision-making, integration of remote areas with the business centres on the information highway, creation of wealth, creation of more jobs, etc. Information and Communication Technology revolution holds a great hope for a better tomorrow and therefore, all out efforts need to be made to facilitate its furtherance.
Realizing the great potential of e-Governance, the Government of India has approved the National e-Governance Plan in May 2006. The vision of this plan is to ‘make all Government services accessible to the common man in his locality, through common service delivery outlets and to ensure efficiency, transparency & reliability of such services at affordable costs to realize the basic needs of the common man’. This Plan comprises of 27 Mission Mode Projects; 100,000 Common Service Centres; State Wide Area Networks to provide connectivity up to block level with provision for wireless connectivity from the block level to the village level; and State Data Centres. The Mission Mode Projects cover all important sectors in Government domain such as banking, insurance, land records, police, e-courts, etc.
One of the key considerations in implementation of this plan is to define architecture, standards and policies addressing issues of security, privacy, etc. To address such issues, Department of Information Technology has worked out strategy which includes the security assurance framework, incident and alert system in respect of information security breaches for cyber community, legal framework, research and development and training awareness in the area of information security and cyber forensics. The Government has already requested critical sectors in the country to implement Security Best Practices based on ISO 27001 model. Department of Informaiton Technology has already set up the Indian Computer Emergency Response Team (CERT-In) at New Delhi. The said team coordinates with the cyber community in public and private and provides support for mitigation of cyber incidents. They also carry out the risk and vulnerability assessment and issues Advisories, vulnerability and alert notes to the cyber community in the country. CERT-In closely monitor the cyberspace and liaison with their counterparts worldwide. They have provided very active support to financial institutions worldwide in shutting down the phishing sites of those organizations like City Bank, Bank of America etc. I had the pleasure to announce that CERT-In work out very closely with Finland CERT and NATO to mitigate the recent case of cyber attacks in Estonia. CERT-In as well as Department of Information Technology is working very closely with research and development community to develop products for the network and information security. The focus is to develop products which can provide end-to-end security.
In India, Department of Information & Technology has established a Resource Centre for Cyber Forensic at CDAC Thiruvanthapuram, which is tasked with development of cyber forensic tools and training of law enforcement personnel in investigation of cyber crimes and use of these tools. The Cyber Forensic tool developed by them is at par in terms of functions, with any Forensic tool available in the world. The talent of the academicians, private sector, law enforcement agencies and industry is pooled for development of cyber forensic tools. Such kind of multi sectoral partnership is not only desirable but if I may say so, the only way ahead for tackling the menace of cyber crime.
Internet and Information and Communication Technology are here to stay. Globally, there are a billion people connected to the Internet. 12% of the global trade is already being conducted via the Internet. 2.5 trillion e-mails are being exchanged every year. In India, Personal Computer penetration has reached 25 million. About 18 million people are connected to the Internet. There are 200 million mobile phone users. With advances in wireless technology and miniaturization of hardware, mobile phone is competing hard to replace a Personal Computer. When that happens, the already thinning line between a citizen and netizen, would, perhaps disappear and everyone would be a potential victim of a cyber crime. If such is the likely scenario, it is high time the key challenges in the area of cyber crimes are addressed.
In my view, some of the key issues are:
Criminalization of harmful conduct by all nations in a harmonized manner based on consensus;
Arrangements for speedy trans-border cooperation based on agreed upon Standard Operating Procedures in areas of collection and sharing of evidence;
An agreed formula for arriving at the most appropriate jurisdiction to investigate and try an offence;
Balancing the requirements of law enforcement with those of human rights, privacy and private sector;
Public-Private partnership and assignment of their roles and responsibilities;
Research and Development to make technology more secure, and auditable and computer forensic tools more efficient, user friendly and cost-effective;
Regulation of unsafe systems and practices like unconfigured servers, weak authentications for commercial transactions, anonymous mailing, etc. ; and
Bridging the skill and resource gap that exists between cyber criminals and law enforcement agencies through quality training and resource upgradation.
It is almost a unanimous view that cyber crimes are grossly under-reported. While business interests remains primary reason for not reporting a security breech, an equally important reason is the lack of trust in ability of law enforcement agencies to successfully investigate such offences. Such an impression is not completely baseless either. Even in the most advanced countries, the skill and tools to investigate cyber crimes are concentrated in a few specialized units only. Local police, by and large, are found deficient in investigating such crimes. Hence, there is a urgent need for capacity-building in this regard through training and provisioning of tools and technology.
In enacting the Information Technology Act, 2000, India became one of the first few countries in the world, which enacted a specific law to deal with cyber crimes. In fact, based on our experience of last seven years and inputs received from various international bodies, the Act is under comprehensive revision. The proposed amendment address a number of concerns such as data protection, data theft, e-commerce frauds, child pornography, identity theft, privacy issues and immunity to intermediaries, to name a few. It is unfortunate that even today, a number of countries are yet to enact an effective legislation in this respect. This could prove a boon for the cyber criminals as the borderless nature of the medium would allow them to operate through such crime havens.
While going through the programme of last three days, I could see that the deliberations have very meaningfully highlighted important problems in the area of the cyber crime such as identity theft, online banking frauds, child abuse, terrorist use of Internet and botnets etc. More importantly, the conference has provided an opportunity to member states to assess their preparedness and share best practices in area of international cooperation and incidence reporting. The conference would have provided opportunity for the participants to build networks at personal level also, which could be one way to achieve the desired quickness in response from across the borders. It is heartening to note that the private sector, which has always been in the forefront of the information and communication technology revolution, has been actively associated in the deliberations. Very important recommendations in the form of resolution have been made which, if implemented in right earnestness, would go a long way in making cyber world a safer place. I, as Minister of Communication and Information Technology, would be very keenly watching the developments in this regard in the coming days. The Ministry would be happy to render its assistance in every possible way, including a legislative response, if need be.
I complement the Interpol for very thoughtfully chalking out the programme and ensuring such a good participation. I would like to congratulate Shri Vijay Shanker, Director, Central Bureau of Investigation and his team of officers for meticulously planning every detail for such a big conference and organizing it so successfully. India is a beautiful country with a diverse culture. I am sure that apart from their professional engagements, the delegates would have utilized this opportunity in having a taste of India, which I hope they will cherish for a long time. I once again thank Shri Vijay Shanker, Director CBI for giving me this opportunity to be here and interact with you all.
Thank you.
|
