Opinion: Deeper India, US ties should include cybersecurity, too
With plenty of fanfare in Delhi, Indian Prime Minister Narendra Modi announced in January听the $1.5 billion听听to enhance India's economic growth and expand Internet access nationwide.
It seems that Mr. Modi rightly believes in the power of technology to facilitate his country's economic development. Increased connectivity can help Indians deliver goods and services across the country and participate in the global economy.
Yet the march of technology is not all wine and roses: Expanding connectivity brings increased vulnerability to cyberattacks, including to critical infrastructure, such as the recent attack on Ukraine鈥檚 power grid that resulted in widespread blackouts. India faces real cybersecurity challenges that could impact its national security and economic wellbeing.
That's just one of the reasons why听Washington and New Delhi should move swiftly to develop a robust and multifaceted cybersecurity relationship. Given the vitality of the United States-India partnership and the increasing cyberthreat to the听national security and economic interests of听both countries, the time is right for the two countries to expand their cybercooperation.
There's strong strategic rationale for doing so. The US's and India鈥檚 shared democratic values form the foundation of an already strong听听鈥 announced in 2014. The two countries cooperate on an array of issues from stability in听听to curtailing听听and strengthening听maritime security. They share close people-to-people ties and cultural values, as well as a commitment to growing their technology sectors and ensuring an open, secure, and resilient cyberspace.听
India has already publicly听signaled its embrace of a free, open, and secure Internet through its commitment to a multistakeholder model of Internet governance. It can build off of听that foundation by working with like-minded states to set and abide by transparent rules of the road for state actions, including military operations, in cyberspace.
India already plays a key security role in the Asia-Pacific and is a vital part of the US long-term diplomatic and military engagement in the region. Increasing collaboration between the two countries in cybersecurity听is a natural next step in building a regional security system that emphasizes cooperation over competition, clarity over uncertainty.听
Closer US-India cyber cooperation makes sense for economic security too. Today the US economy derives anywhere from 3 to 15 percent of business value add from the tech sector. In听,听more than 10 million people are employed in technology, which is growing at 11 percent annually and expected to top $350 billion by 2025.
What's more, strong links already exist between the US and Indian technology sectors: Microsoft earns approximately $1 billion a year in India through its 5,000-person team based there. The company recently opened a听听in Gurgaon to help protect India's critical infrastructure. India is succeeding in attracting other leading technology companies to India as well 鈥 Uber has a strong presence and Netflix听听in January.听
Collaboration between India and the US could help both countries make better policy decisions on pressing topics, including the balance between strong听听and law enforcement requirements,听听in cyberspace, and deterrence.
India's influence in the developing world and its key voice in international venues give it credibility that the US can sometimes lack. Civil society groups in both countries 鈥 think tanks, universities, and nonprofits alike 鈥 have a critical role to play in developing policies in partnership with government and the private sector. Together these groups can help find the right balance among different values and interests 鈥 in privacy, commerce, and security 鈥 that are all implicated in cybersecurity policy debates in India and the US.听
India and the US should take several concrete steps to deepen their cyber cooperation in 2016: 听
First, they should commit to building ties between the people and organizations entrusted by听government, the private sector, and civil society to keep cyberspace open, secure, and resilient. This includes nurturing the talent required to carry out the seven core functions identified by the US听.
It also means training the developers and programmers demanded by the private sector, as well as the policy and legal experts required by government and civil society. Experts should ideally be educated in a multidisciplinary setting such that they are conversant in both the technical and nontechnical aspects of cybersecurity. Collaboration between multidisciplinary cybersecurity programs such as UC Berkeley鈥檚听听and leading Indian educational centers can help in this endeavor.
To succeed, both countries must create opportunities for capable engineering and cybersecurity talent from the private and academic sectors to serve the public interest. For cyber positions, India struggles with attracting talent away from nicer climates, offering听more lucrative salaries, and the often more dynamic private sector work environment.
听The US faces similar challenges in convincing leading technology talent to step away from high-salary jobs in places like sunny California to serve in government or the nonprofit sector.
Leaders in both countries should encourage their citizens to join government for temporary cyber-related duties and make it easier to do so through mechanisms akin to the听. In addition, the Department of听Defense听听to engage with US tech companies. India could create a similar mechanism for outreach in Bangalore or Pune.听听
Second, the two countries should cooperatively develop concepts for cyberdefense and national security strategy in cyberspace.听Shared concerns about China's cyberactivities provide a good starting place for conversation. Discussions should also include the development of clear agency responsibilities, the governance of offensive cyber operations, the role of declaratory policy, and steps for managing conflict escalation. 听听
Think-tanks in both countries should play a key role in helping develop cyberstrategies. Several think-tanks in the US, including the Carnegie Endowment for International Peace through its听project on norms for听, are helping governments explore questions of cyber strategy. The upcoming US-India Track 1.5 Dialogue is听a perfect opportunity for US and Indian experts from academia, civil society, and the government to think through strategic issues. 听听
Third, the two countries should hold exercises to deepen their understanding of the threat and identify roles for public and private organizations to play during an incident. Exercises should focus on information sharing and contingency planning for preventing and if necessary responding to a destructive cyberattack. Companies are a first line of network defense in an incident, but there may come a time for government to step in as well.听
The final year of the Obama administration offers a promising opportunity for India and the US to deepen their cybersecurity cooperation. Taking meaningful steps to help ensure and defend an open, secure, and resilient cyberspace will promote both nations鈥 national security, but also their economic prosperity.
Jonathan Reiber is a senior fellow at Berkeley鈥檚 Center for Long-Term Cybersecurity and former chief strategy officer for cyber policy in the Office of the US Secretary of Defense. Follow him on Twitter听.
Eli Sugarman is the Cyber Initiative program officer for the William and Flora Hewlett Foundation and formerly a foreign affairs officer at the US Department of State. Follow him on Twitter听.
听
