Padmalochan Dash
In the face of imminent threats from hybrid warfare imposed on India across spheres, the protection of critical infrastructure (CI) must be at the forefront of the country’s internal security management.
Infrastructure is said to be critical when, first, it is indispensable to the core functions of a country with that country remaining unavoidably dependent on it; and second, its failures necessarily lead to major detrimental outcomes.
CI is composed of those tangible infrastructure and intangible service networks on which a country has an unavoidable dependency – where any sort of damage or disruption even for a shorter period could have serious politico-economic and societal consequences requiring calamitous reparations.
The idea of considering some of the importantly identified infrastructure as critical is not new. This concept, which emerged in the USA earlier, was given statutory credence in the aftermath of the 9/11 terrorist attacks. The autopsy of the incident emerged with the precise conclusion that it was the CI which remained the most important attraction for terrorists to target.
This revelation invoked the US government to come up with specific initiatives by identifying certain sectors as ‘critical’ followed by prescribed measures for their safeguard. Over time, other developed countries followed suit, and as of today, globally, there are about 18 sectors identified as critical.
Securing CI has emerged to be a serious global concern attracting unrelenting action. Sectors which have been identified as well as notified as critical are chemical; commercial facilities; communications; critical manufacturing; dams, defence industrial base; emergency services; energy; financial services; food & agriculture; healthcare; information technology; nuclear-related facilities; transportation systems; water & wastewater management systems; and all major government facilities. The security of infrastructure covered under these identified critical sectors remaining in prominence has hard-pressed advanced nations to legislate special provisions of safety net. Also, several countries and international organisations like the United Nations have taken up specific measures toward protecting infrastructure of critical importance from cyber-physical assaults.
In this era of hybrid warfare, critical infrastructure protection (CIP) is taken up seriously on several international platforms. In the face of dangers inflicted by non-state actors, blanket plans of action are already in motion. Both governments and CI operators are now taking up several defensive measures, which India also needs to take up. In the wholesome planning of a country’s internal security management, the fortification of CI must remain at the forefront.
In the 21st Century, standalone infrastructure is swiftly transfiguring into inseparable entities in cyber-physical provinces. In this given scenario, it is obvious that failure or disruption at one CI domain will lead to failure of others in that entangled cyber-physical chain. When socio-economic interdependencies are transforming beyond geographic and national boundary limits, CI is inevitably exposed to complex cyber-physical risks.
Infrastructure in India is now embedding into an integrated global-economic network with the country’s critical production sectors at its core. The future of India’s sustained economic enhancement therefore depends upon the stability and safety of its CI.
When the future of a country’s economic progress remains directly linked to the resilience of its CI, the country’s security establishment has to provide the condition wherein i) incessant functioning of CI is ensured; ii) unrelenting functioning of critical supply-chains is guaranteed; and iii) all sets of plausible disruptions to their unrelenting functioning are preempted. Needless to say, without a surefire CIP programme in place, the country’s progress can never be assured.
In this era of hybrid warfare, while almost all critical sectors are at risk, there is a pressing need for India to think of appropriate CIP initiatives. Protection of CI from terrorism, hybrid warfare, and cyber-physical risk exposures is the need of the hour. The problem is, while there are threats to India’s CI, the country is yet to take up its protection seriously. Although the National Critical Information Infrastructure Protection Centre has been created for the purpose, its jurisdiction seems to be narrow and its function seems to be very much limited to critical information protection. It is incumbent upon the Union government to think of a comprehensive plan for the cyber-physical fortification of the country’s CI.
When it comes to CIP, the country is still in its infancy and yet to consider globally identified sectors and notify them as critical. Further, a comprehensive cyber-physical security vision document is yet to be deliberated in length. An appropriate and all-encompassing CIP policy must be comprehended. By keeping CIP at its core, the country’s internal security management must transform accordingly.
The writer is ICSSR Post-Doctoral Fellow, School of National Security Studies, Central University of Gujarat.