With the establishment of the National Critical Information Infrastructure Protection Centre (NCIIPC) in 2014, India has taken an important measure towards strengthening its cybersecurity. But while the establishment of NCIIPC as such is a positive step forward, several shortcomings mark, however, its implementation. In this paper, I will first briefly outline the origin and development of NCIIPC and will then go on to critically examine three challenges or limitations in particular: NCIIPC’s command and control structure; fallacies in the framework that was used to rank sectors in order of criticality; and the absence of sector-specific guidelines and standard operating procedures (SoPs). As we will see, each of these contributes to important vulnerabilities remaining in India’s critical information infrastructure (CII).
India’s stances in global Internet governance debates have often been noted, and criticised, for their strong preference for multilateral models of engagement, as different from the multistakeholder approaches that are so well-established in the field. But where does this predilection towards multilateral engagement come from? This paper maps the economic, political and historical antecedents of India’s evolving position on global Internet governance as they are shaped by its concerns on cybersecurity, by its domestic context and by its overall influence on global events as they unfold. Through this analysis, the paper hopes to contribute to a greater understanding of both India’s cybersecurity concerns and of the ways in which India approaches global Internet governance as it has emerged as one possible venue to address these pressing issues. You can view and download the paper as a PDF on our Google Drive here.