The Secretary of the Ministry of Electronic and Information Technology (MeitY), Alkesh Kumar Sharma, inaugurated the G20 Cyber Security Exercise and Drill for over 400 domestic and international participants as part of India’s G20 presidency.
The Indian Computer Emergency Response Team (CERT-In) held the Cyber Security Exercise and Drill in a hybrid format. International participants from over 12 countries participated online. Domestic participants from various sectors like finance, education, telecom, ports and shipping, energy, IT/ITeS, and others attended both in person and virtually.
Speaking at the event, Sharma highlighted the fact that cyber incidents are becoming increasingly sophisticated and disruptive. They have transnational impacts and there is a pressing need for collaboration to build collective resilience against cyberattacks.
Sivagami Sundari Nanda, the Special Secretary of the Ministry of Home Affairs (MHA), stressed the importance of a government-wide response to address cyber challenges, including cooperation with law enforcement agencies both domestically and internationally.
The event held a strategic tabletop exercise (TTX) and an operational drill using a CERT-In exercise platform. The first tabletop exercise catered to board and top management and was themed Synergy to counter Global Cyber Crisis. It focused on crisis management and crisis communication.
The second tabletop exercise, an operational drill was designed for CISO and mid-management, themed Building Collective Cyber Resilience. The scenario for the exercise, which included cyber extortion, data breach, supply chain attacks, and disruptions was derived from real-life cyber incidents, in which domestic-level (limited impact) incidents escalated to a global cyber security crisis. The exercises were successful in meeting their objectives and provided insights on enhancing and improving crisis management, crisis communication, incident response, and global coordination and cooperation.
Cybersecurity plays an increasingly important role as the world becomes more reliant on technology. Cybersecurity forms the backbone of a strong digital society, providing a trusted environment necessary to grow digital transformation and the confidence needed to advance digital adoption. Concurrently, strong cyber capability protects the economy from losses due to cybercrimes and builds the foundational capability to grow the emerging digital technology sector.
India has worked with several countries to build resilience against cyberattacks. Last year, CERT-In and the Cyber Security Agency of Singapore (CSA) designed and conducted the cybersecurity exercise “Synergy” for 13 countries. The initiative was part of the International Counter Ransomware Initiative-Resilience Working Group, which was led by India under the leadership of the National Security Council Secretariat (NSCS).
The theme of the exercise was ‘Building Network Resiliency to counter Ransomware Attacks’. Similar to the G20 cybersecurity drill, the exercise scenario was derived from real-life cyber incidents. As OpenGov Asia reported, the specific objective of the exercise was to assess, share, and improve strategies and practices among member-states to build network resiliency against ransomware and cyber extortion attacks.
The exercise ‘Synergy’ was hosted by CERT-In on its exercise simulation platform. Each state participated as a National Crisis Management Team, which was made up of different government agencies including National CERTs/CSIRTs, law enforcement agencies (LEA), communication and IT/ICT ministries, and security agencies.
CERT-In was launched in 2004 by the Department of Information Technology and is currently run under the Ministry of Electronics and Information Technology. CERT-In responds to cybersecurity incidents, reports on network vulnerabilities, and fosters effective IT security practices throughout the country. Under the provisions of the Information Technology Amendment Act 2008, CERT-In oversees the administration of the Act.