While extensive digitalisation has made lives more convenient, it has also amplified the vulnerabilities making devices and data susceptible to unauthorised breaches. Despite popular notions of cyberspace as an abstract and intangible environment, cybersecurity depends on the individual’s actions. The human element of cybersecurity cannot be ignored as it is often identified as the ‘weakest link’ in cybersecurity. Several studies have concluded that cyber-attacks succeed not so much because of technical vulnerabilities but because of human error.1
According to a report by the World Economic Forum, 95 per cent of cybersecurity incidents occur due to human error.2 Further exacerbating the issue, most governments have failed to prioritise cyber awareness within their national cybersecurity strategies.3 Evidence has shown that teaching basic cybersecurity skills such as strong passwords, identifying phishing scams and understanding the significance of data can dramatically improve the safety and security of the digital infrastructure.
Given the more significant role of individuals in ensuring a safe and secure digital space, there is a need to close the human error gap through education. While multilateral forums like G20 and the Quadrilateral Security Dialogue (Quad) are more commonly associated with government-to-government collaboration, their name recognition provides a useful entry point for creating awareness on cybersecurity issues for the common man.
In February 2023, the Ministry of Electronics & Information Technology (MeitY) inaugurated the G20 Cyber Security Exercise and Drill for domestic and international participants to provide insights on enhancing crisis management, crisis communication and to collectively build joint resilience to respond to cyber incidents.4 It also launched the ‘Stay Safe Online’ campaign intended towards raising awareness among citizens.5
The much-needed initiative is pertinent in the case of India because of the widespread use of social media platforms and the rapid adoption of digital payments within the country. In fact, according to some statistics, India was the most frequently targeted country in the world with cyber attacks on government agencies alone rising to 13.7 per cent in 2022 from 6.3 per cent in 2021.6 The Union government’s Cyber Crime Portal has also been receiving over 3,500 complaints of financial fraud a day highlighting the severity of situation.7 In 2022, according to government agencies, there were a total 13.91 lakh cybersecurity incidents reported in India, which is a substantial increase compared to previous years.8
To close the human error gap and with an objective for a broader outreach, the ‘Stay Safe Online’ campaign involves disseminating content through infographics, puzzles and short videos in English, Hindi and other local languages. Besides this, various promotion and outreach activities are being carried out throughout the year with the involvement of critical stakeholders, including Union ministries, industry, NGOs, etc. The campaign covers various issues including browser security, cyberbullying, data security, email security, internet ethics, and Know Your Customer (KYC) fraud.9 The themes primarily deal with the quotidian digital activities of individuals and seeks to inform them about safe and secure practices in cyberspace.
Similarly, Quad has also been an active forum to discuss cybersecurity issues and challenges. The Quad, which comprises India, Japan, the United States and Australia, is a strategic alliance that focuses on promoting a free and open Indo-Pacific region. In February 2023, the Quad unveiled a new public campaign aimed at promoting greater awareness of cybersecurity and enhancing the resilience of digital infrastructure.10 The ‘Quad Cyber Challenge’ campaign was inaugurated to invite people across the Indo-Pacific and beyond to join the challenge and pledge to practice safe cyber habits.11
The initiative is tailored to provide resources such as basic cybersecurity information and training for participants. It globally unites governments, corporations, non-profits, universities, and schools on the issue of securing cyberspace. The campaign also encapsulates “the spirit of the Quad” to strengthen cooperation against the existing challenges, including cybersecurity.12 In India, the campaign is being coordinated by the National Cyber Security Coordinator with National Security Council Secretariat (NSCS).
The National Cyber Security Coordinator’s office leading the campaign highlights the importance of collaboration between these nations to address the challenges posed by cyber threats. Cybersecurity is a critical issue that affects individuals, businesses and governments alike and enhancing cybersecurity in the Quad grouping is vital to protect critical infrastructure, prevent cyber attacks and maintain trust and confidence in the digital ecosystem. This is in line with the Quad’s broader objective of upholding a
free, open, inclusive, prosperous and peaceful Indo-Pacific region based on the principles of respect for sovereignty, territorial integrity, international law and the rules-based international order.13
The member countries have realised the importance of factoring cybersecurity to appreciate this broader objective. For instance, the Quad Foreign Ministers’ statement on ransomware reaffirmed their shared commitment
…to an open, secure, stable, accessible and peaceful cyberspace and supported regional initiatives to enhance the capacity of countries to implement the UN Framework for Responsible State Behavior in Cyberspace.14
The statement also reiterated the commitment to cooperate on capacity-building programmes and initiatives to improve resilience against ransomware attacks.
As attackers become more sophisticated, the challenges of managing cyber risks and maintaining good cyber hygiene will increase exponentially. Given that personal cybersecurity requires some effort and thought, educating individuals about cybersecurity is an essential step towards the larger goal of securing and maintaining a resilient cyberspace.
Views expressed are of the author and do not necessarily reflect the views of the Manohar Parrikar IDSA or of the Government of India.