Online edition of India's National Newspaper
Saturday, Apr 23, 2005

About Us
Contact Us
Opinion
News: Front Page | National | Tamil Nadu | Andhra Pradesh | Karnataka | Kerala | New Delhi | Other States | International | Opinion | Business | Sport | Miscellaneous | Engagements |
Advts: Classifieds | Employment | Obituary |

Opinion - News Analysis Printer Friendly Page   Send this Article to a Friend

Keeping a watch on cyberspace

Sandeep Dikshit

What can India do to protect its computer systems? Howard Schmidt, who heads the United States Computer Emergency Response Team and is former Cyber Security Adviser to U.S. President George Bush, in an interview toThe Hindu, offers some insights.

What should India do in the area of response coordination to ward off attacks on its computer networks?

Howard Schmidt: The first thing to be done on a national basis is to identify who needs to be a part of the response mechanism. There are three categories — technical experts, executive management, and communications people. And then decide on the coordinating body. In the U.S., the National Cyber Security Division is the convening body. Internationally, I see a very similar format. The CERT-IN [Computer Emergency Response Team in India] is the convening body which can then coordinate with other CERTs around the world as well as work with the Government.

Do you think a proactive and preventive approach works best in such cases?

That is the crucial part. Too many attacks will consume more of time. So prevention is very crucial. One way is to conduct an international dialogue on the best practices. That has also to be part of an education programme — the ability to educate this to exact users in government and business because oftentimes it is considered to be someone else's problem. The other thing is to look at interdependencies so that you can see the effect of a computer problem and what can be the cascading effect. Having a clear understanding gives a much better ability to know what to focus on to prevent such malfunctioning.

What should be the Indian long-term strategy? Should it be education and awareness? And where does U.S. CERT fit in?

For a long-term strategy, awareness and education is one component. The U.S. strategy for cyberspace has four major components — education and awareness, incident warning and watch, incident response, and the reduction of vulnerability. In cyberspace you don't know where the threat will come from. But if you do know you have vulnerability, then the long-term strategy can be conducted through dialogue. In India, we have had discussions to find out the commonalities and differences.

India is changing its cyber-crime laws within a short period of adopting them. What is your reaction?

I commend the Indian Government for taking a re-look at this. In the U.S. we have changed these laws four times because in technology nothing stays the same. So India has the ability and the leadership to go back and review the laws to see how they are being implemented, what the interpretations are and make them more efficient so that criminals are culpable and also make sure that innocent people are not being made victims. I also think not only the Government and law enforcement people should be looking at this [review] but also the industry and the citizens should be part of the discussions.

What has been the U.S. approach post-9/11 and post-Iraq?

Before the 9/11 event, we had a number of processes in place but we did not have a clear understanding of what the interdependencies are. For example if we lose computer power, do the lights go out? But five months before 9/11, we put together plans to create within the White House, the President's Critical Infrastructure Protection Board to work with all the Government agencies, private sector and international community. After September 11, we accelerated that. Post-Iraq, the only thing we did was consult internationally and nationally because there was a lot of intelligence about hackers on the other side. So we protected our systems better.

Printer friendly page  
Send this article to Friends by E-Mail

Opinion

News: Front Page | National | Tamil Nadu | Andhra Pradesh | Karnataka | Kerala | New Delhi | Other States | International | Opinion | Business | Sport | Miscellaneous | Engagements |
Advts: Classifieds | Employment | Obituary | Updates: Breaking News |


News Update

The Hindu Group: Home | About Us | Copyright | Archives | Contacts | Subscription
Group Sites: The Hindu | Business Line | The Sportstar | Frontline | The Hindu eBooks | The Hindu Images | Home |

Copyright © 2005, The Hindu. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu