The government has sanctioned 111 posts of cyber security professionals for the Indian computer emergency response team (ICERT) under the ministry of electronics and information technology (MEITY), according to a ministry official, who added that the posts were sanctioned earlier this year.
The recruitment for the ICERT has been pending for at least five years and it is expected to strengthen the cyber incident response team, which is often criticised for not doing enough for cyber security. At present, ICERT functions with the help of approximately 20 regular staff, and a score of contractual staff, the official said.
Since the release of national cyber security policy 2013, the governments have made several announcements to beef up cyber security but have fallen short in their implementation. In 2015, the cabinet had approved over Rs 800 crore to set up the centre.
According to minister Ravi Shankar Prasad, the proposed multi-agency National Cyber Coordination Centre (NCCC) is expected to set up in June. The centre aims to provide near real time situational awareness about cyber threats and enable ‘timely information sharing for proactive, preventive and protective actions’. The centre will have participation from the intelligence bureau, research and analysis wing, military intelligence, three military services, central bureau of investigation, and national technical research organisation.
The recruitment for the first batch of scientists for the NCCC is under process, the official said. The ministry had put an advertisement inviting applications for the recruitment of 25 ‘scientist B’ category officials. These recruits may be joining the NCCC, another official said. Of the total sanctioned posts, a majority of the positions is expected to be allocated to the cyber coordination centre.
A set of posts will be set aside for the Botnet Cleaning Centre (or Cyber Swachhta Kendra), which was launched in February. The aim, according the government, is to detect and clean infected systems in the country. The centre is initiated in coordination with the internet service providers and industry.
In reply to a question on the proposed steps to strengthen ICERT in Lok Sabha in December, the ministry said, “The ministry of finance has approved creation of 20 new posts for Botnet Cleaning Centre under CERT-In and revival of 26 deemed abolished posts.”
The remaining posts will be allocated to the ICERT team, the official said. ICERT was allocated Rs 35 crore for the year 2016-17.
Under the IT Act, ICERT has to carry out a wide range of activities: data collection and analysis, sharing of advisories with people, organisations and critical facilities, incidence response, forecasting, coordination of cyber incident response, mock drills and issuing of guidelines and vulnerabilities, among others.
So far ICERT has organised 41 workshops for ministries, departments, states and UTs and critical organisations to sensitise them about the cyber security threat landscape and enabling them to prepare and implement the Cyber Crisis Management Plan, the ministry told the Parliament in December.
“Cyber security mock drills are being conducted regularly to enable assessment of cyber security posture and preparedness of organisations in government and critical sectors. So far 11 such drills have been conducted by ICERT where 110 organisations from different sectors such as finance, defence, power, telecom, transport, energy, space and IT/ITeS participated,” the ministry said.
At present, only a small, core team of officials at ICERT carry out a significant part these activities. If things go as planned, it is likely that ICERT’s combined strength will be over a 100 personnel in another one year.