Launching the National Cyber Security Policy-2013 here on Tuesday, the Indian Minister for Communication and Information Technology, Kapil Sibal said : 'this policy is a framework document and it gives you a broad outline of what our vision is...the real task or the challenge is the operationalisation of this policy.'

He outlined that the critical infrastructure such as air defence system, power infrastructure, nuclear plants, telecommunications system have to be protected otherwise it may create economic instability.

The Minister cautioned that there may be cyber attacks from foreign state and non-state actors and from multiple places as the cyber world has no geographical barriers. The actors may be individuals, sections of society, businesses, terrorists, drug dealers and those who want to generate violence.

Sibal, however, admitted that cyber security cannot be possible “unless chips and processing of information in the chip are produced in India.” He said that unless these vital products are produced in India the Government will find it difficult to ensure cyber security.

At present most of the chips with processed information are imported from outside the country.

The Bengaluru-based Indian Institue of Science Professor N Balakrishnan echoed the same concern and citing example of China said : “China on the otherhand talks about policy opinon on - International Competition over Accquisition, Use and Control of Information. By linking cyber policy and technology policy – techno nationalism – it decided that through its science policy that in areas critical to national security and economy, core technologies cannot be purchased.”

Sibal further said : 'In the ultimate analysis, we have to develop global standards because there is no way that we can have a policy within the context of India which is not connected with the rest of the world because information knows no territorial boundaries.'

Sibal said that the policy would ensure privacy, safety of data and prevent cyber attacks. There is a need to ensure that right to privacy is ensured while implementing the policy. National Security Council will be monitoring the implementation of the policy.

Defending US surveillance programme of phone logs and internet data through project PRISM, the Indian External Affairs Minister Salman Khurshid, who is now in Brunei, said : 'This is not scrutiny and access to actual messages. It is only computer analysis of patterns of calls and emails that are being sent... it is not actually snooping on the content of anyone's messages or conversations.'

Denying asylum to Edward Snowden, wo leaked US activity of snooping, the Spokesperson of the Indian External Affairs Ministry, Syed Akbaruddin said : 'I can confirm that earlier today our Embassy in Moscow did receive a communication dated 30 June from Mr Edward Snowden. That communication did contain a request for asylum. We have carefully examined the request.Following that examination we have concluded that we see no reason to accede to the request.'

Based on documents provided by Snowden, The Guardian newspaper reported at the weekend that US intelligence services were also spying on 38 embassies and diplomatic missions of its allies including India.

Snowden, whose US passport has been cancelled, remains holed up in Moscow airport where he has sought asylum from 21 countries.

Representing the ICT industry, Dr KK Bajaj of DSCI said that Mandiant Intelligence Centre Report has also revealed US activity in both espionage and survielence.
According to him about 129 companies in US came under the scanner.

In order to create a secure cyber ecosystem, the policy plans to set up a national nodal agency to coordinate all matters related to cyber security in the country with clearly defined roles and responsibilities.

It plans to establish a mechanism for sharing information, identifying and responding to cyber security incidents and for cooperation in restoration efforts.

The policy lays out 14 objectives which include creation of a cyber ecosystem in the country, providing fiscal benefits to businesses for adoption of standard security practices and processes, developing effective public private partnerships and collaborative engagements through technical and operational cooperation.

It also plans 'to create a workforce of 5,00,000 professionals skilled in cyber security in the next five years through capacity building, skill development and training'.

The objectives also include enhancing and creating 'national and sectoral level 24x7 mechanisms for obtaining strategic information regarding threats to ICT infrastructure, creating scenarios for response, resolution and crisis management through effective, predictive, preventive, proactive response and recovery actions.'

It plans to develop indigenous security technologies through research.

The policy also identifies eight strategies to create a secure cyber ecosystem which include a designated 'national nodal agency to coordinate all matters related to cyber security'.

The policy says all organisations earmark a specific budget for implementing cyber security initiatives and for meeting emergency response arising out of cyber incidents.

It calls for developing a dynamic legal framework and its periodic review to address the cyber security challenges arising out of technological developments in cyber space.

The policy plans to operate a 24X7 national level computer emergency response team (CERT-In) to function as a nodal agency for coordination of all efforts for cyber security emergency response and crisis management.

'CERT-In will function as an umbrella organisation in enabling creation and operationalisation of sectoral CERTs as well as facilitating communication and coordination actions in dealing with cyber crisis situations,' the policy said.

Cyber incidents, including phishing and malicious URLs, virus and malicious code propagation and spams, have been on the rise and touched new levels in 2010 when the Internet and smart phone penetration in the country crossed new heights.