Indian Mission to ASEAN

Jakarta

Ambassador’s remarks at the Third ASEAN-India Track 1.5 Dialogue on Cyber Issues

Good Morning and Good Afternoon from Jakarta!

Since the event is taking place on the auspicious day of Eid, let me wish all participants Eid Mubarak.

2. Let me thank the Observer Research Foundation for organizing the Third ASEAN-India Track 1.5 Dialogue on Cyber Issues and for giving me the opportunity to share a perspective from Indian Mission to ASEAN in Jakarta.

3. Before assuming the charge of India’s Ambassador to ASEAN, I was heading Passport Seva Programme Division in the Ministry of External Affairs. The programme is one of the best examples of Digital India. I may mention that there have been more than 5000 attempted attacks on the Programme infrastructure every day, of course, not even one of them met with any success. According to India’s Computer Emergency Response Team, which is known as CERT-In, in the year 2020 alone there had been 11 lakh, 58 thousand incidents of cybercrime ( almost 100,000 incidents per month) which included website intrusion, malware propagation, Malicious code, Phishing, distributed denial of service attacks, website defacements, unauthorized network scanning/probing activities, ransomware attacks, data breach and vulnerable services. India is not an exception, this is happening globally.

4. Digital sector has been growing at a fast pace even before Covid-19 pandemic hit us but this pandemic added new dynamism as it gave boost to virtual communications, data flow, virtual meetings, like the today’s one and to the increased e-commerce. The economies after becoming digital have been advancing to higher level of technologies through the use of Artificial intelligence, block chains, Fintech, Internet of Things, cloud computing etc. To continue this momentum uninterrupted, the role of 5G infrastructure, encryption and securing the infrastructure has become more critical. In this context I must compliment the organizers for rightly choosing to focus on these topics of Encryption, 5G Infrastructure and Securing Critical Infrastructure, as these aspects are relevant in health, education, agriculture, finance, logistics, e-commerce, Science and technology, tourism and a range of other sectors and touch everyone’s life as an individual, institutions, industry and governments.

5. Let me now try to put this discussion in the framework of ASEAN-India context.

6. Together, ASEAN and India have more than a billion internet users and are among the world’s fastest-growing digital economies. As we get digitally more and more connected, these challenges cannot be addressed by a country alone.

7. ASEAN has already done a lot of thinking, which is reflected in various statements, documents and initiatives: If we look at the ASEAN LEADERS’ STATEMENT ON CYBERSECURITY COOPERATION issued in 2018, two aspects get distinctly highlighted:

Importance of sharing approaches;

1. Cooperation in Capacity building :
2. In general, the capacity building has both the aspects of technological upgradations and enhancing human skills including through creating awareness.

8. When we look at cooperating with ASEAN within the ASEAN structure, we may note the following three structures:

1. For the Microelectronics & Information Technology sector, the priority areas of cooperation are artificial intelligence, block chain, cloud and edge computing, the Internet of Things, big data processing and analytics, cyber security, embedded systems and sensors, robotics and automation, telecommunications and microelectronics.
2. Cyber security issues related to defence and military establishments fall under the purview of the ASEAN defence leadership. Priority areas of cooperation under this sector aim to: (i) enhance awareness on cyber security challenges; (ii) leverage capabilities among ASEAN Member States and its external partners; (iii) develop cooperative mechanisms and solutions in a coordinated manner. 

1. Under the oversight of the ASEAN Ministerial Meeting on Transnational Crime (AMMTC), the Senior Officials Meeting on Transnational Crime (SOMTC) covers the issue of cybercrime cooperation in the SOMTC Work Programme to Implement the ASEAN Plan of Action to Combat Transnational Crime. The Work Programme focuses on several areas, such as exchange of information and knowledge, including on relevant laws and regulations of the ASEAN Member States; public awareness building; capacity building activities for law enforcement officials, particularly on cybercrime forensic capabilities; and promotion of cooperation with external partners. 

9. ASEAN has already done work in fostering greater regional cybersecurity cooperation and capacity building, including law enforcement training on cybersecurity and cybercrimes through efforts such as the ASEAN Ministerial Meeting on Transnational Crime (AMMTC), ASEAN Telecommunications and Information Technology Ministers’ Meeting (TELMIN), AMCC, ASEAN Cyber Capacity Programme, ASEAN Regional Forum (ARF) Inter-Sessional Meeting on ICT Security and the ADMM-Plus Experts’ Working Group Meeting on Cyber Security. ASEAN also cooperates with their Dialogue Partners including India through these ASEAN led structures.

10. When we look at the ASEAN India cooperation, I must mention that the Plan of Action 2021-25 approved by the Foreign Ministers of ASEAN and India and noted by the leaders identifies cooperation in the IT Sector as one of the areas:

Information and Communication Technology (ICT) 41. Promote further ICT cooperation through relevant mechanisms, including capacity building and knowledge sharing, in areas such as e-commerce, Artificial Intelligence, Fourth Industrial Revolution, Internet of Things (IoT) & 5G, ICT in Disaster Management, Creating smart societies through ICT, Cyber Forensics, Next Generation Transmission Technologies, Future Trends in Mobile Communication, Advanced Satellite Communication and Regulatory and Policy issues; Strengthen cooperation, capacity building, and policy coordination on cybersecurity, including in personal data protection and support the implementation of the ASEAN Cybersecurity Cooperation Strategy by engaging relevant ASEAN mechanisms and institutions; Promote sustainable and inclusive economic growth and prosperity through increasing digital trade, entrepreneurship, preparing MSMEs for digital transformation and developing a digital-ready workforce equipped for the Fourth Industrial Revolution

11. While India is involved in cooperation in the field of cyber security through ADMM plus, ARF processes; we are also working on these areas under the Transnational Crime Framework and Telecommunication and IT Ministers’ Meeting.

12. ASEAN and India, we already have a structural mechanism for Digital cooperation with ASEAN at Working Group level, Senior Official Level and Minister Level. Department of Telecom, Ministry of Electronics and Information Technology is the coordinating agency from India. Currently, we also have annual action plans which is approved by ASEAN-India Digital Ministers Meeting. ASEAN-INDIA ICT WORK PLAN 2021 is under progress. Under ASEAN-India Fund, we have taken up several projects for cooperation this sector. Currently, Department of Telecom and ASEAN Secretariat have been working on to develop project proposals for a few training courses including on ‘Cyber Forensics’ and ‘5G and its Potential Use Cases’ among others.

13. While this is happening within the ASEAN-India structural framework, there are huge opportunities with the individual ASEAN Member States within the bilateral framework. Without going into the details I would like to add that there is a substantial presence of Indian IT companies in the region. I am quite sure that these companies are actively involved in cyber-security cooperation.

14. Physical and digital connectivity between India and ASEAN is the priority of Government of India. Hon’ble Prime Minister of India has announced a Line of Credit worth USD 1 billion for enhancing both physical and digital connectivity.

15. To sum up, I would urge the panelist to inter alia focus on:

1. How can we share our approaches in the areas of Encryption, Trusted and Resilient 5 G Infrastructure, securing Critical Infrastructure through regular interactions, seminars and conferences;
2. Identifying capacity building programmes in these areas; The above two could be done through the institutional set-up of MEITY and under ASEAN-India Fund as mentioned above;
3. To identify commercial projects on building secured infrastructure by utilizing the Line of Credit offered by Government of India.

I wish the forum a success.

Thank you very much.

x-x-x

Topics for discussion:

The Road Ahead for Encryption

Encryption globally is caught in the friction between security and privacy, with a wide range of debates interwoven into policy. Encryption is a complex issue, and intersects with disinformation, the security of public digital infrastructure, law enforcement and platform regulation. Stakeholders have suggested alternatives to breaking encryption, including client-side scanning, hashing constants and other measures that facilitate traceability. What is the feasibility of privacy-preserving alternatives? Can India, ASEAN and the broader global community agree upon a set of baseline encryption standards?

Trusted and Resilient 5G Infrastructure

5G is the backbone of much of the world’s bids to secure their space in the Fourth Industrial Revolution, a fact that is reflected in nationwide strategies for 5G rollouts. The debate over 5G has underlined the need for complete supply chain security of our communications networks. What are possible pathways of cooperation between the countries of ASEAN and India on creating a secure 5G ecosystem? Can the two geographies agree on specific parameters and definitions of “trustworthy” suppliers and vendors? Could the two foster competitive homegrown alternatives?

Securing Critical Infrastructure

A spate of prominent ransomware attacks on critical infrastructure in past year, including healthcare providers, pipelines and electricity grids points to a dangerous new normal. In this vein, the UN GGE on Cyber recently proposed additional norms on obligations of states viz damage to critical infrastructure and responding to requests for assistance in investigating such attacks, accounting for due regard to sovereignty. How can India and ASEAN help strengthen norms around “bright red lines” relating to critical infrastructure? Can the two engage in capacity building exercises for critical sectors like power and health?