NEW DELHI: Indian government will be rolling out a new cybersecurity system this week, at a time when it turns out that India is among the top five countries whose data has been compromised by the US’ NSA surveillance system for years.

The new architecture, which was cleared by the Cabinet last month, envisages an interconnected set of organizations in key departments like NTRO, defence and home ministries while CERT will remain the umbrella body to oversee cyber-protection. A newly-appointed cybersecurity coordinator will preside over this new inter-agency structure.

National security adviser (NSA) Shivshankar Menon had flagged off a set of recommendations for government-private sector collaboration on cybersecurity last October that forms the basis of the new architecture. The recommendations included the government and private sector jointly training almost five lakh cybersecurity professionals in five years.

The government is also keen that Indian companies develop indigenous defensive software because they feel foreign-origin software is compromised. But Indian companies have still not been able to develop the kind of code-writing expertise that is seen in the US and Russian cyber entities.

The prospect that massive amounts of data from Indian public and private entities have been compromised by the US has added to New Delhi’s dilemma. At the heart of India’s problems is the fact that any attempt by the Indian government to install a regulatory system for cyber activities could compromise its IT and ITES industry. On the other hand, the lack of sensible security structures mean that India’s IT industry would find it difficult to do the sensitive stuff as repeated breaches of security in Indian IT companies have increased. For instance, the international ATM fraud that cleaned out over $45 million from two Gulf banks has an Indian footprint. The government plans to work closely with the private sector to develop a more coordinated policy.

But how that is to be achieved will be unveiled in due course, said sources. The government plans to facilitate the private sector in setting up cybersecurity infrastructure, auditing performance, implementing global best practices, training professionals etc.

The expectation is that the new cybersecurity policy will somehow stop the sniping that happens regularly between Indian cyber entities, particularly since they are doled out as compensation to peeved civil servants with only a passing knowledge of cybersecurity. The government itself has to attract talent to head these organizations.