New Delhi: Advocating strongly for the need for ‘an effective cyber deterrence strategy’, Dr Arvind Gupta, Deputy National Security Advisor, today said that “an effective cyber deterrence strategy will include deterrence by denial, as well as penalty by punishment.” Dr Gupta was delivering a keynote address on the penultimate day of the 18th Asian Security Conference on ‘Securing Cyberspace: Asian and International Perspectives’, at the Institute for Defence Studies and Analyses (IDSA).
Drawing a parallel between nuclear deterrence and cyber deterrence, Dr Gupta pointed out that that unlike nuclear deterrence, where both sides are fairly aware of the nature, scope and size of each other’s nuclear arsenal and means of delivery, cyber deterrence suffers from lack of attributability, with multiple actors operating in cyberspace in complete anonymity.
Speaking further, Dr Gupta said that for the success of cyber deterrence, it is essential that a State defines its thresholds through appropriate signalling. “A potential attacker should know that retaliation would be severe and unacceptable if redline is crossed,” he insisted, adding that indicating redlines would depend upon a country’s capabilities and intent.
With nearly 400 million internet users, India cannot remain oblivious to cyber threats, noted Dr Gupta. The country’s future progress and growth is linked with the expansion of digital networks, overcoming digital divides, and ensuring that robust cyber security policies are adopted right from the beginning, he added.
Several measures have been initiated by the government, including implementation of a National Cyber Security Policy, pursuit of cyber diplomacy with other countries through cyber security dialogues, and development of cyber security skills in the country, Dr Gupta pointed out. India cannot afford to be complacent in the face of growing threats and evolving technologies, he cautioned, adding that India should closely study the evolution of cyber deterrence idea. “Building cyber deterrence capability would entail building robust networks that can be defended, encouraging comprehensive R&D in the area of  cyber security, and strengthening indigenous manufacturing of ICT products and technologies,” noted Dr Gupta.
Strengthening of cyber diplomacy to ensure that India is not at the receiving end of the emerging ICT Export Control Regimes under the Wassenaar Agreement, in-depth analyses of the pattern of cyber attacks against the country, and building suitable response measures were also cited by Dr Gupta as critical for India’s Cyber Security policy.
Dr Gupta said that India would also need to take note of the increasingly assertive cyber security policies being adopted by other countries to work out its own cyber security policy.
Advocating the need for a cyber convention on cyber security, Dr Gupta insisted that the international community needs to come together to discuss how to deal with threats in cyberspace which are growing exponentially.