January 19, 2015

Ambassador Shyam Saran, Chairman, RIS & AIC

H.E. Mr. Rizali Wilmar Indrakesuma, Ambassador of Indonesia to India

Mr. R.Chandrashekhar, President, NASSCOM

Mr. Pratap Parameswaran, Director, Political and Security Directorate, ASEAN Sect.

Delegates from ASEAN Member countries and the ASEAN Secretariat
Distinguished Guests

Ladies and Gentlemen,

It gives me immense pleasure to be here in the company of experts from India & ASEAN countries, representing governments, think-tanks, industry and other stakeholders, to deliberate on one of the most serious challenges impacting the economic well-being and security environment of today's world, i.e. Cyber Security.

Cyberspace is acknowledged as the fifth domain of human activity, the others being land, sea, air and outer space. As the internet has grown exponentially in its reach and scope, our dependence on cyberspace for social, economic, governance, and security purposes has also grown exponentially. Unfettered access to information through a globally inter-connected internet empowers individuals and governments, but at the same time poses new challenges to the privacy of individuals and to the capabilities of governments and administrators of cyberspace tasked with preventing its misuse.

This Conference comes against the backdrop of the leading power in the world, the United States, being challenged, not by a formidable army, but by small groups of hackers who broke into the IT systems of Sony Corporation's US subsidiary as well as those of the US Central Command and wreaked considerable damage. Acknowledging the gravity of threats posed in cyber space, President Obama unveiled new measures to enhance cyber security last week.

Prime Minister Shri Narendra Modi had also, soon after assuming office, highlighted that while cyber space is a source of great opportunity, cyber security has become a major concern. The signs are unmistakable and the prognosis clear - We all need to act now to protect ourselves from the menace of cyber attacks.

India is widely recognised as an IT power but cyber threats pose no less a challenge to us and our IT and security infrastructure. Recognising India's capabilities in the field, the ASEAN Secretariat had requested India a while back to conduct an ASEAN-India Conference to explore the possibilities of cooperation in this crucial area. Our Hon'ble Minister of External Affairs, Smt. Sushma Swaraj committed to ASEAN Foreign Ministers' in Nay Pyi Taw during the 12th ASEAN-India Foreign Ministers' Meeting in August 2014, that India would host this conference at an early date. I am indeed pleased that RIS and AIC had translated this commitment into action quickly.

The field of cyber security covers a wide range of areas including cyber warfare, cyber terrorism, cyber espionage, application of cyber laws, critical infrastructure protection and international cyber security cooperation. I thought it may be useful if I use this opportunity to dwell a bit on India’s perspective on Cyber Space and Cyber Security, notably the major challenges we face, our priorities in this domain and, importantly, how ASEAN and India can cooperate in this area.

India today has the third largest number of internet users, after the USA and China. We account for 900 million mobile phone users and 200 million internet subscribers, and the figure is likely to touch half a billion in the coming years. The internet has been a catalyst of change, propelling economic growth, enabling extended governance outreach, positively influencing the lives of our people and building new narratives of Indian society.

The Internet has also fundamentally transformed the way the government works, how businesses operate and society communicates. Our e-governance programmes have had a positive impact on the general well-being of our people and made government functioning more transparent, accessible and efficient.

At the same time, India is exposed to the threats and continuously evolving challenges in cyber space. With increasing penetration and use of the internet, cyber crime is emerging as a major challenge. India has seen a massive surge in the number of cyber security incidents in the past decade, with cyber security breaches rising from under two dozen in 2004 to over 62,000 by mid-2014. Indian companies have also encountered a 20% increase in losses as a result of cyber security breaches and we all know family or friends who have been victims of identity theft, financial fraud and other such internet-enabled crimes.

The anonymity and inter-connectivity of cyberspace is not just exploited by criminals and terrorists to carry out identity theft, financial fraud, terrorist activities and stealing of corporate information but also by some state actors to conduct espionage, disrupt critical infrastructure and plant malicious software which can be exploited in various ways.

We firmly believe that the core values of liberty, freedom of expression and rule of law apply equally to cyber space and it is in our common interest to maintain a peaceful, secure and resilient cyber space. To ensure this, we have put in place a robust institutional and legislative framework to deal with the challenges to cyber security. The Government is also actively partnering with the private sector, industry associations, service providers and other stakeholders, to jointly try to secure cyberspace.

India introduced its National Cyber Security Policy in 2013, which aims to facilitate a secure computing environment and guide actions for protection of cyber space. The Information Technology (Amendment) Act of 2008 deals with vital issues such as electronic transactions, digital signatures, cyber-crimes, cyber security and data protection.

India’s Computer Emergency Response Team, called CERT-IN, operates on a 24X7 basis to undertake emergency measures for handling cyber security incidents in the country. Similarly, the National Association of Software and Services Companies (NASSCOM) and its member organisations have launched several initiatives, through the Data Security Council of India, to promote data protection and develop security and privacy codes and standards. You just heard President NASSCOM and will get to hear more about these aspects from DG, CERT-IN later in the day.

International cooperation is a key element in addressing the challenges of cyber security. Since cyber crime often has a transnational dimension, there is crucial need for cooperation to exchange experiences and share best practices for protection of information infrastructures. India lays huge emphasis on bilateral and international cooperation on cyber crime. The need for cooperation between India and ASEAN member countries in this field is, therefore, self-evident.

ASEAN, as we know, has been pro-active in the region's efforts to tackle cyber security challenges and has undertaken various cyber confidence building measures. In 2003, ASEAN adopted the Singapore Declaration which emphasised the efforts to establish an ASEAN Information Infrastructure with a view to promoting interoperability, interconnectivity, security and integrity of cyber systems. The Master Plan on ASEAN Connectivity also dwells on the importance of cyber security and ASEAN has further set-up a Network Security Action Council (ANSAC).

Similar efforts at integrating regional cyber security initiatives have been carried out under the aegis of the ASEAN Regional Forum, which conducts regular Inter-Sessional Meetings on Counter Terrorism and Transnational Crime where, inter alia, cyber security is discussed. The ARF has issued statements on cooperation in cyber security and organised workshops aimed at intensifying regional cooperation in the use of information and communication technologies.

While ASEAN and India have taken steps to firm up their cyber security regimes, we are yet to establish a strong relationship in this domain, even though we have made huge strides in our collaborative agenda on other fronts. We became Strategic Partners in 2012 and the ASEAN-India relationship is today one of the cornerstones of India’s foreign policy and the foundation of our 'Look East Policy', or 'Act East Policy' as Prime Minister Modi recently described it as.

We have a substantial relationship in the telecommunications sector and our Ministers meet under the aegis of the ASEAN-India Telecom Ministers' Meeting. We are establishing Centres of Excellence in Software Development & Training in all CLMV countries (i.e. Cambodia, Lao PDR, Myanmar & Vietnam) under the Initiatives for ASEAN Integration - Narrowing Development Gap. We will also be establishing an Information Technology Resource-cum-Study Centre for ASEAN & CLMV countries at the Centre for Development of Advanced Computing, NOIDA and provide assistance in IT curriculum development and IT teachers training to CLMV countries. As ASEAN & India enhance cooperation in the telecom and IT sectors, cooperation in cyber security cannot remain far

There is ample scope of collaboration in the field of cyber security between our countries. For example, India and ASEAN can undertake initiatives to create a system for sharing information on cyber security, as well as collaborate in fostering highly-skilled human resources in this field. ASEAN and India can also undertake joint R&D projects to protect and secure cyber space. Moreover, India would be happy to contribute towards strengthening of the cyber security capabilities of ASEAN member states, particularly the CLMV countries. The possibilities are infinite and we need to act now to take this shared agenda forward.

I would like to conclude by saying that in the domain of cyber security, the imperatives of national security have to be balanced with protecting the privacy of the individual. We in India look forward to working with the international community, particularly with our friends from ASEAN, in finding this balance, as well as in the shared task of keeping cyberspace secure and safe for our citizens and societies.

I am glad that this conference has brought together experts from ASEAN and India to exchange views on the current state of technical knowledge available in cyber security and the measures required to build further capacity in this domain. I am sure that the deliberations will lead to positive and actionable recommendations on how we can enhance our cooperation in this ever-evolving domain to mutual benefit.

Thank you.