Cybersecurity Governance: Policies, Challenges, and the Road Ahead
Introduction
The geographical world has physical boundaries, but the digital one has a different architecture and institutions are underprepared when it comes to addressing cybersecurity breaches. Cybercrime, which may lead to economic losses, privacy violations, national security threats and have psycho-social consequences, is forecast to continuously increase between 2024 and 2029, reaching an estimated cost of at least 6.4 trillion U.S. dollars (Statista). As cyber threats become persistent and ubiquitous, they are becoming a critical governance challenge. Lawmakers around the world need to collaborate on addressing this emerging issue.
Cybersecurity Governance and its Structural Elements
Cybersecurity governance refers to the strategies, policies, laws, and institutional frameworks that guide national and international preparedness and responses to cyber threats to governments, private entities, and individuals. Effective cybersecurity governance ensures that digital risks are managed proactively while balancing security with fundamental rights like privacy and internet freedom. It includes, but is not limited to :
- Policies and Legal Frameworks: Laws that define the scope of cybercrime, cybersecurity responsibilities, and mechanisms for data protection. Eg: India’s National Cybersecurity Policy (NCSP) of 2013, Information Technology Act, 2000, and Digital Personal Data Protection Act, 2023, EU’s Cybersecurity Act (2019), Cyber Resilience Act (2024), Cyber Solidarity Act (2025), and NIS2 Directive (2022), South Africa’s Cyber Crimes Act (2021), etc.
- Regulatory Bodies: Government agencies such as data protection authorities, cybersecurity task forces, and other sector-specific bodies. Eg: India’s Computer Emergency Response Team (CERT-In), Indian Cyber Crime Coordination Centre (I4C), Europe’s European Union Agency for Cybersecurity (ENISA), and others.
- Public-Private Knowledge Sharing: The sharing of the private sector’s expertise and the government’s resources plays a crucial role in improving enforcement and securing critical infrastructure. This model of collaboration is followed in the EU, Japan, Turkey, and the USA.
- Research and Development: Apart from the technical, the cyber domain also includes military, politics, economy, law, culture, society, and other elements. Robust, multi-sectoral research is necessary for formulating international and regional frameworks on cybersecurity.
Challenges to Cybersecurity Governance
Governments face several challenges in securing cyberspace and protecting critical assets and individuals despite the growing focus on cybersecurity. This is because so far the focus has been on cybersecurity management, which, considering the scale of attacks in the recent past, is not enough. Stakeholders must start deliberating on the aspect of governance in cyberspace while ensuring that this process is multi-consultative. (Savaş & Karataş 2022). Prominent challenges which need to be addressed are:
- Dynamic Threat Landscape: The threat landscape in cyberspace is ever-evolving. Bad actors are constantly coming up with new ways to carry out attacks, using elements of surprise, adaptability, and asymmetry aided by AI and quantum computing. While cybersecurity measures help mitigate risks and minimize damage, they can’t always provide definitive solutions. E.g., the pace of malware development is much faster than that of legal norms, legislation, and security strategies for the protection of information technology (IT). (Efe and Bensghir 2019).
- Regulatory Fragmentation and Compliance Challenges: Different countries, industries, or jurisdictions may enforce varying or conflicting cybersecurity laws and standards, which are still evolving and require rapid upgrades. This makes it harder for businesses to comply with regulations, increases compliance costs, and jeopardizes the security posture of the organization.
- Trans-National Enforcement Challenges: Cybercriminals operate across jurisdictions, making threat intelligence collection, incident response, evidence-gathering, and prosecution difficult. Without cross-border agreements between law enforcement agencies and standardized compliance frameworks for organizations, bad actors have an advantage in getting away with attacks.
- Balancing Security with Digital Rights: Striking a balance between cybersecurity laws and privacy concerns (e.g., surveillance laws vs. data protection) remains a profound challenge, especially in areas of CSAM prevention and identifying terrorist activities. Without a system of checks and balances, it is difficult to prevent government overreach into domains like journalism, which are necessary for a healthy democracy, and Big Tech’s invasion of user privacy.
The Road Ahead: Strengthening Cybersecurity Governance
All domains of human life- economy, culture, politics, and society- occur in digital and cyber environments now. It follows naturally, that governance in the physical world translates into governance in cyberspace. It must be underpinned by features consistent with the principles of openness, transparency, participation, and accountability, while also protecting human rights. In cyberspace, the world is stateless and threats are rapidly evolving with innovations in modern computing. Thus, cybersecurity governance requires a global, multi-sectoral approach utilizing the rules of international law, to chart out problems, and solutions, and carry out detailed risk analyses. (Savaş & Karataş 2022).
References
- https://www.statista.com/forecasts/1280009/cost-cybercrime-worldwide#statisticContainer
- https://link.springer.com/article/10.1365/s43439-021-00045-4#citeas
- https://digital-strategy.ec.europa.eu/en/policies/cybersecurity-policies#ecl-inpage-cybersecurity-strategy
Related Blogs
Introduction
The rapid advancement of artificial intelligence (AI) technology has sparked intense debates and concerns about its potential impact on humanity. Sam Altman, CEO of AI research laboratory OpenAI, and Altman, known as the father of ChatGPT, an AI chatbot, hold a complex position, recognising both the existential risks AI poses and its potential benefits. In a world tour to raise awareness about AI risks, Altman advocates for global cooperation to establish responsible guidelines for AI development. Artificial intelligence has become a topic of increasing interest and concern as technology advances. Developing sophisticated AI systems raises many ethical questions, including whether they will ultimately save or destroy humanity.
Addressing Concerns
Altman engages with various stakeholders, including protesters who voice concerns about the race toward artificial general intelligence (AGI). Critics argue that focusing on safety rather than pushing AGI development would be a more responsible approach. Altman acknowledges the importance of safety progress but believes capability progress is necessary to ensure safety. He advocates for a global regulatory framework similar to the International Atomic Energy Agency, which would coordinate research efforts, establish safety standards, monitor computing power dedicated to AI training, and possibly restrict specific approaches.
Risks of AI Systems
While AI holds tremendous promise, it also presents risks that must be carefully considered. One of the major concerns is the development of artificial general intelligence (AGI) without sufficient safety precautions. AGI systems with unchecked capabilities could potentially pose existential risks to humanity if they surpass human intelligence and become difficult to control. These risks include the concentration of power, misuse of technology, and potential for unintended consequences.
There are also fears surrounding AI systems’ impact on employment. As machines become more intelligent and capable of performing complex tasks, there is a risk that many jobs will become obsolete. This could lead to widespread unemployment and economic instability if steps are not taken to prepare for this shift in the labour market.
While these risks are certainly caused for concern, it is important to remember that AI systems also have tremendous potential to do good in the world. By carefully designing these technologies with ethics and human values in mind, we can mitigate many of the risks while still reaping the benefits of this exciting new frontier in technology.
Open AI Systems and Chatbots
Open AI systems like ChatGPT and chatbots have gained popularity due to their ability to engage in natural language conversations. However, they also come with risks. The reliance on large-scale training data can lead to biases, misinformation, and unethical use of AI. Ensuring open AI systems’ safety and responsible development mitigates potential harm and maintains public trust.
The Need for Global Cooperation
Sam Altman and other tech leaders emphasise the need for global cooperation to address the risks associated with AI development. They advocate for establishing a global regulatory framework for superintelligence. Superintelligence refers to AGI operating at an exceptionally advanced level, capable of solving complex problems that have eluded human comprehension. Such a framework would coordinate research efforts, enforce safety standards, monitor computing power, and potentially restrict specific approaches. International collaboration is essential to ensure responsible and beneficial AI development while minimising the risks of misuse or unintended consequences.
Can AI Systems Make the World a Better Place: Benefits of AI Systems
AI systems hold many benefits that can greatly improve human life. One of the most significant advantages of AI is its ability to process large amounts of data at a rapid pace. In industries such as healthcare, this has allowed for faster diagnoses and more effective treatments. Another benefit of AI systems is their capacity to learn and adapt over time. This allows for more personalised experiences in areas such as customer service, where AI-powered chatbots can provide tailored solutions based on an individual’s needs. Additionally, AI can potentially increase efficiency in various industries, from manufacturing to transportation. By automating repetitive tasks, human workers can focus on higher-level tasks that require creativity and problem-solving skills. Overall, the benefits of AI systems are numerous and promising for improving human life in various ways.
We must remember the impact of AI on education. It has already started to show its potential by providing personalised learning experiences for students at all levels. With the help of AI-driven systems like intelligent tutoring systems (ITS), adaptive learning technologies (ALT), and educational chatbots, students can learn at their own pace without feeling overwhelmed or left behind.
While there are certain risks associated with the development of AI systems, there are also numerous opportunities for them to make our world a better place. By harnessing the power of these technologies for good, we can create a brighter future for ourselves and generations to come.
Conclusion
The AI revolution presents both extraordinary opportunities and significant challenges for humanity. The benefits of AI, when developed responsibly, have the potential to uplift societies, improve quality of life, and address long-standing global issues. However, the risks associated with AGI demand careful attention and international cooperation. Governments, researchers, and industry leaders must work together to establish guidelines, safety measures, and ethical standards to navigate the path toward AI systems that serve humanity’s best interests and safeguard against potential risks. By taking a balanced approach, we can strive for a future where AI systems save humanity rather than destroy it.
In the vast, interconnected cosmos of the internet, where knowledge and connectivity are celebrated as the twin suns of enlightenment, there lurk shadows of a more sinister nature. Here, in these darker corners, the innocence of childhood is not only exploited but also scarred, indelibly and forever. The production, distribution, and consumption of Child Sexual Abuse Material (CSAM) have surged to alarming levels globally, casting a long, ominous shadow over the digital landscape.
In response to this pressing issue, the National Human Rights Commission (NHRC) has unfurled a comprehensive four-part advisory, a beacon of hope aimed at combating CSAM and safeguarding the rights of children in this digital age. This advisory dated 27/10/23 is not merely a reaction to the rising tide of CSAM, but a testament to the imperative need for constant vigilance in the realm of cyber peace.
The statistics paint a sobering picture. In 2021, more than 1,500 instances of publishing, storing, and transmitting CSAM were reported, shedding a harsh light on the scale of the problem. Even more alarming is the upward trend in cases reported in subsequent years. By 2023, a staggering 450,207 cases of CSAM had already been reported, marking a significant increase from the 204,056 and 163,633 cases reported in 2022 and 2021, respectively.
The Key Aspects of Advisory
The NHRC's advisory commences with a fundamental recommendation - a redefinition of terminology. It suggests replacing the term 'Child Pornography' with 'Child Sexual Abuse Material' (CSAM). This shift in language is not merely semantic; it underscores the gravity of the issue, emphasizing that this is not about pornography but child abuse.
Moreover, the advisory calls for the definition of 'sexually explicit' under Section 67B of the IT Act, 2000. This step is crucial for ensuring the prompt identification and removal of online CSAM. By giving a clear definition, law enforcement can act swiftly in removing such content from the internet.
The digital world knows no borders, and CSAM can easily cross jurisdictional lines. NHRC recognizes this challenge and proposes that laws be harmonized across jurisdictions through bilateral agreements. Moreover, it recommends pushing for the adoption of a UN draft Convention on 'Countering the Use of Information and Communications Technologies for Criminal Purposes' at the General Assembly.
One of the critical aspects of the advisory is the strengthening of law enforcement. NHRC advocates for the creation of Specialized State Police Units in every state and union territory to handle CSAM-related cases. The central government is expected to provide support, including grants, to set up and equip these units.
The NHRC further recommends establishing a Specialized Central Police Unit under the government of India's jurisdiction. This unit will focus on identifying and apprehending CSAM offenders and maintaining a repository of such content. Its role is not limited to law enforcement; it is expected to cooperate with investigative agencies, analyze patterns, and initiate the process for content takedown. This coordinated approach is designed to combat the problem effectively, both on the dark web and open web.
The role of internet intermediaries and social media platforms in controlling CSAM is undeniable. The NHRC advisory emphasizes that intermediaries must deploy technology, such as content moderation algorithms, to proactively detect and remove CSAM from their platforms. This places the onus on the platforms to be proactive in policing their content and ensuring the safety of their users.
New Developments
Platforms using end-to-end encryption services may be required to create additional protocols for monitoring the circulation of CSAM. Failure to do so may invite the withdrawal of the 'safe harbor' clause under Section 79 of the IT Act, 2000. This measure ensures that platforms using encryption technology are not inadvertently providing safe havens for those engaged in illegal activities.
NHRC's advisory extends beyond legal and law enforcement measures; it emphasizes the importance of awareness and sensitization at various levels. Schools, colleges, and institutions are called upon to educate students, parents, and teachers about the modus operandi of online child sexual abusers, the vulnerabilities of children on the internet, and the early signs of online child abuse.
To further enhance awareness, a cyber curriculum is proposed to be integrated into the education system. This curriculum will not only boost digital literacy but also educate students about relevant child care legislation, policies, and the legal consequences of violating them.
NHRC recognizes that survivors of CSAM need more than legal measures and prevention strategies. Survivors are recommended to receive support services and opportunities for rehabilitation through various means. Partnerships with civil society and other stakeholders play a vital role in this aspect. Moreover, psycho-social care centers are proposed to be established in every district to facilitate need-based support services and organization of stigma eradication programs.
NHRC's advisory is a resounding call to action, acknowledging the critical importance of protecting children from the perils of CSAM. By addressing legal gaps, strengthening law enforcement, regulating online platforms, and promoting awareness and support, the NHRC aims to create a safer digital environment for children.
Conclusion
In a world where the internet plays an increasingly central role in our lives, these recommendations are not just proactive but imperative. They underscore the collective responsibility of governments, law enforcement agencies, intermediaries, and society as a whole in safeguarding the rights and well-being of children in the digital age.
NHRC's advisory is a pivotal guide to a more secure and child-friendly digital world. By addressing the rising tide of CSAM and emphasizing the need for constant vigilance, NHRC reaffirms the critical role of organizations, governments, and individuals in ensuring cyber peace and child protection in the digital age. The active contribution from premier cyber resilience firms like Cyber Peace Foundation, amplifies the collective action forging a secure digital space, highlighting the pivotal role played by think tanks in ensuring cyber peace and resilience.
References:
- https://www.hindustantimes.com/india-news/nhrc-issues-advisory-regarding-child-sexual-abuse-material-on-internet-101698473197792.html
- https://ssrana.in/articles/nhrcs-advisory-proliferation-of-child-sexual-abuse-material-csam/
- https://theprint.in/india/specialised-central-police-unit-use-of-technology-to-proactively-detect-csam-nhrc-advisory/1822223/
Executive Summary:
A video purporting to be from Lal Chowk in Srinagar, which features Lord Ram's hologram on a clock tower, has gone popular on the internet. The footage is from Dehradun, Uttarakhand, not Jammu and Kashmir, the CyberPeace Research Team discovered.
Claims:
A Viral 48-second clip is getting shared over the Internet mostly in X and Facebook, The Video shows a car passing by the clock tower with the picture of Lord Ram. A screen showcasing songs about Lord Ram is shown when the car goes forward and to the side of the road.
The Claim is that the Video is from Kashmir, Srinagar
Similar Post:
Fact Check:
The CyberPeace Research team found that the Information is false. Firstly we did some keyword search relating to the Caption and found that the Clock Tower in Srinagar is not similar to the Video.
We found an article by NDTV mentioning Srinagar Lal Chowk’s Clock Tower, It's the only Clock Tower in the Middle of Road. We are somewhat confirmed that the Video is not From Srinagar. We then ran a reverse image search of the Video by breaking down into frames.
We found another Video that visualizes a similar structure tower in Dehradun.
Taking a cue from this we then Searched for the Tower in Dehradun and tried to see if it matches with the Video, and yes it’s confirmed that the Tower is a Clock Tower in Paltan Bazar, Dehradun and the Video is actually From Dehradun but not from Srinagar.
Conclusion:
After a thorough Fact Check Investigation of the Video and the originality of the Video, we found that the Visualisation of Lord Ram in the Clock Tower is not from Srinagar but from Dehradun. Internet users who claim the Visual of Lord Ram from Srinagar is totally Baseless and Misinformation.
- Claim: The Hologram of Lord Ram on the Clock Tower of Lal Chowk, Srinagar
- Claimed on: Facebook, X
- Fact Check: Fake
