India's cybersecurity brochure proposal criticized by hardware firms

Government proposal for all hardware to include brochure to raise awareness against cyberthreats draws concerns over supply chain logistics.

The government of India has asked for every computer hardware sold in the country to include a cybersecurity brochure but manufacturers are concerned it could give rise to logistical issues.

According to The Economic Times on Friday, Kapil Sibal, India's communications and IT minister had put forth a proposal to have every desktop computer, mobile phone, modem or USB stick to come pre-packaged with the "Cybersecurity Awareness Brochure", in a bid to generate greater awareness of cyberthreats.

The proposal is believed to have come from a joint working group set up by India's National Security Council Secretariat, which is examining ways of increasing public-private collaboration to strengthen India's cybersecurity preparedness.

Logistical "nightmare" for hardware firms
However, hardware firms briefed by the government on this plans are concerned they may face logistical hassles while dealing with imported products. Inserting a brochure into a product such as a mobile phone could disrupt normal supply chain logistics.

An unnamed senior industry executive told the Indian news site brochures will have to be inserted at the seaport or airport before mandatory customs clearance or at the time of packaging itself.

Mohandas Pai, an IT industry veteran and chairman of the Karnataka state government's panel on information and communication technology, described the idea as "silly" to the Indian news site. If the government wanted citizens to pay attention to cybersecurity, they themselves should first have credibility, he explained.

"Government Web sites continue to get attacked as a matter of regular routine. Authorities should first try to secure those before intruding into citizens' life by offering pamphets," he said.

Another anonymous senior industry executive, who attended a meeting convened by India's department of information technology, pointed out that for USB storage devices, the brochure would be bigger than the product itself. This could mean manufacturers may have to change the entire packaging, he said.

"Raising public awareness about cybersecurity is good, but I'm not sure this is thebest way to do it," the senior industry executive said.

At the moment, industry executives are negotiating with authorities to reach a consensus on this proposal, which Sibal wanted to roll out at the beginning of the year.

Sibal and his deputy Milind Deora, did not respond when contacted by the Indian publication.

The move comes after a spate of cyberattacks on government Web sites and the increasing concern among authorities to prepare against emerging cyberthreats.

This is the latest in a series of implementations by the Indian government to beef up the country's IT security. India's Department of Telecom (DoT) yesterday revealed plans to build a nationwide secure fixed and wireless network for governmet use to ensure secred government communications. The country's Defense Research and Development Organization is also working on the country's own operating system (OS) to reduce dependence on foreign OS, which it says may contain security risks.