SYLLABUS SECTION: GS III (ECONOMY)
WHY IN THE NEWS?
Recently, the Ministry of Electronics and IT (MeitY) designated the IT resources of ICICI Bank, HDFC Bank, and UPI managing entity NPCI’s IT Resources as critical information infrastructure under Section 70 of the IT Act of 2000.
- The Information Technology Act of 2000 defines “Critical Information Infrastructure” as a “computer resource,
- The incapacitation or destruction of which shall have a debilitating impact on national security, economy, public health, or safety.
- Under the Act, has the power to declare any data, database,
- IT network, or communications infrastructure as CII to protect that digital asset.
- According to the Act, anybody who secures or attempts to secure access to a protected system in violation of the requirements,
- They will face imprisonment for a term of up to ten years as well as a penalty.
WHY CRITICAL INFRASTRUCTURE TAG IS NEED?
- Looking at the recent sophisticated cyber-attacks,
- It is high time all the banks and financial institutions get themselves notified as a protected system.
- Similarly, the control system of all the electricity, oil, airports, railways, metros, and transport systems are critical infrastructure and must be declare a protective system.
- On October 12, 2020, as India battled the pandemic, the electric grid supply to Mumbai suddenly snapped hitting the mega city’s hospitals, trains, and businesses.
- Later, a study by a US firm that looks into the use of the internet by states, claimed that this power outage could have been a cyber attack, allegedly from a China-linked group, aimed at critical infrastructure.
HOW IS CIIS PROTECTED IN INDIA?
- Created in January 2014, the NPCI’s IT RESOURCES AS CRITICAL INFORMATION Infrastructure Protection Centre (NCIIPC) is the nodal agency for taking all measures to protect the nation’s critical information infrastructure.
- It is mandated to guard CIIs from “unauthorized access, modification, use, disclosure, disruption, incapacitation or distraction”.
- Indian Computer Emergency Response Team (CERT-In) is the nodal agency for responding to computer security incidents.
- National Cyber Security Coordinator (NCSC) to coordinate with different agencies at the national level for cyber security matters. National Cyber Security Policy 2013 to build secure and resilient cyberspace.
Read more: UPSC CURRENT AFFAIRS
SOURCE: THE HINDU