Reply: Refer to the IDSA Task Force Report titled, “India's Cyber Security Challenges”; and, the Edited Transcript of IDSA Cyber Security Report Release & Panel Discussion, including the Keynote Address by Amb. Shivshankar Menon, National Security Advisor, May 16, 2012, at http://idsa.in/system/files/Transcriptcybersecurity.pdf

Also, refer to the following:
Arvind Gupta, “CBMs in Cyber Space: What should be India’s Approach?”, IDSA Web Comment, June 27, 2012.

Cherian Samuel, “Emerging Trends in Cyber Security”, IDSA Web Comment, March 28, 2012.

Amit Sharma, “Cyber Wars: A Paradigm Shift from Means to Ends”, Strategic Analysis, 34 (1), January 2010.

Subimal Bhattacharjee, “The Strategic Dimensions of Cyber Security in the Indian Context”, Strategic Analysis, 33 (2), March 2009.

Cherian Samuel replies: Cyberspace as a theatre of war is still in its infancy, but one of its axioms is that offensive capabilities are easier to create than defensive capabilities. While many countries are developing offensive capabilities, accompanying strategies or doctrines are yet to make an appearance, with the exception of the Chinese who have developed a concept of “informationised war”. The absence of a doctrine inhibits the creation of an institutional structure as seen in the several false starts on the part of the US military before the establishment of the US Cyber Command in May 2010. Its mission statement, to “direct the operations and defence of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries” suggests that its primary objective is to build up a defensive capability.

A cyber command has many negative connotations, and India is not inclined to be a party to the militarization of cyberspace, preferring instead to work towards considering cyberspace on the lines of existing global commons such as sea and space. That the emphasis is on preserving the integrity of defence information networks is seen in the statement of the Defence Minister in the Lok Sabha on July 26, 2010. However, even such a limited mandate might be difficult to fulfill given the fact that there is already a profusion of agencies within the military dealing with this, ranging from the Corps of Signals, to the A-CERT (Army Computer Emergency Response Team), to the IT Departments of the various HQs and the IDS. Even though the Defence Minister referred to the Defence Information Assurance and Research Agency (DIARA) as being the “nodal agency mandated to deal with all cyber security related issues of Tri Services and Ministry of Defence,” the increasing magnitude of cyber threats necessitates both consideration and co-ordination of responses at a much higher level.