Cybersecurity and Digital Governance: An Overview
August 27, 2018 In ANALYTICSConsidering e-Governance as an outgrowth of a government’s efforts to improve upon existing citizen-government relationship, also means that the legal value of electronic transactions is at par with that of the written form. Hence, the protection of e-Governance projects requires information-security best practices. Ranging from security policies, practices/procedures to the utilization of security technology; cybersecurity involves the protection of e-governance systems against attacks, detection of abnormal activities, along with having a proven contingency plan in place. Cybersecurity today has become a topic of much significance for all government entities. In fact, it’s broad relevance cannot be compartmentalized to relatively niche topics such as issues of national security, or responses to hacking activities. As important as these issues still may be, they are now relatively a small fraction of a much larger challenge that pervades across government operations. Context: The IT security market has evolved quite significantly over the last few years. Security today is no longer about protecting hardware/software assets located within a data centre, in fact, much of an organization’s processing in the present times happens outside a data centre. Perimeter security hence, is just a small part of a larger challenge. Governments today are looking at smart cities, integrated mobile devices, cloud computing, IOT etc. which have collectively driven security out of the peripheral edges of network, into the cyberspace. The cybersecurity challenges faced today hence, require a rather holistic solution since digital initiatives, are quite literally being undertaken everywhere. Existing, as well as potential threats in the arena of cybersecurity, are one of the most serious challenges of the 21st Century. Emanating from a wide variety of sources, their manifestation into disruptive activities, target individuals, businesses, national infrastructure and governments alike, as they carry within them significant risks for public safety, national security, connected global trade community etc. Thinking Ahead: Government entities vary from each other in terms of their risk profiles and their security postures need to be sufficient enough to meet the needs of an organization. There cannot be a singular focus on preventing possible attacks, that would be a naive stance, in fact, a more prudent strategy should be taking into account the full spectrum of activities that are needed to deal with a complete attack continuum. A successful security posture should not only minimize the likelihood of the occurrence of an attack but also put robust contingency plans in place, in order to minimize the damage in case an attack is successful. Thus, the creation of a secure cyber eco-system that includes within it a series of direct actions, enabling processes as well cooperative/collaborative efforts within and beyond the state is necessary, which can cover the following aspects: • Creating situational awareness regarding threats to the ICT infrastructure, tackling the determination as well as the implementation of a suitable response. • Creating a conducive legal environment that supports safe/secure cyberspace and enables confidence in electronic transactions; along with enhancing law enforcement capabilities that will enable effective prosecution as well as responsible actions by stakeholders • Having 24X7 cybersecurity mechanisms in place, for emergency response/resolution and crisis management, through predictive, preventative and recovery actions. • Measures for data protection while in the process, handling, storage and transit, along with protection of sensitive personal information. Countries across the globe today are concerned about the subversion of ICT supply chain, that would affect the secure and reliable use of IT in various applications. The fact remains that the inclusion of malicious hidden functions of IT can resultantly undermine confidence in endorsed products/services, affect national security as well as erode trust in commerce. Thus, in order to meet contemporary community expectations as well as increase user adoption, the safeguarding of data systems, is of pivotal importance for successful digital-governance initiatives. Cybersecurity is no longer an issue that can be dealt in an effective manner via technical risk-mitigation alone. Since digital governance is synonymous with good governance now, hence cybersecurity needs to be treated as a core to maintaining the faith of its citizens in their government to be competent, reliable and trustworthy.