‘India has made only modest progress in developing cyber security doctrine’

India has made only modest progress in developing its policy and doctrine for cyberspace security despite the geostrategic instability of its region and a keen awareness of the cyber threat it faces, according to a new report by the International Institute for Strategic Studies. The report ‘Cyber Capabilities and National Power: A Net Assessment’, which has assessed cyber power for 15 countries, said while India has cyber-intelligence and offensive cyber capabilities, they are regionally focused, principally on Pakistan. Third-tier power “From the little evidence available on India’s offensive cyber capability, it is safe to assume it is Pakistan-focused and regionally effective. Overall, India is a third-tier cyber power whose best chance of progressing to the second tier is by harnessing its great digital-industrial potential and adopting a whole-of-society approach to improving its cyber security.” The report divides the countries into three tiers based on analysis of core cyber-intelligence capabilities, cyber security and resilience, strategy and doctrine and offensive cyber capability. For example, there are indications that, since about 2010, Indian cyber teams have been targeting IP addresses in Pakistan, as well as secessionist movements within India itself, in a significant cyber-surveillance and cyber-espionage operation.” Further afield, however, India’s cyber-intelligence reach appears weak: it tends to rely on partnerships such as those with the U.S., the U.K. and France for a higher level of cyber situational awareness and to help it develop a greater reach of its own in future, the think tank said.