NEWS: Growing concerns over the security of India's Critical National Infrastructure (CNI) due to rapid integration of AI, IoT, and Operational Technology (OT) networks

About CNI

• Critical systems/assets whose disruption can severely impactàNational Security, economic Stability, public Safety, public Health
• Protected through National Critical Information Infrastructure Protection Centre (NCIIPC) under the IT Act, 2000.

Major Threats

• IT–OT–IoT Convergence → Larger cyber attack surface
• Supply Chain Risks → Foreign hardware/software vulnerabilities
• Weak IoT Security → Default passwords, poor authentication
• Quantum Threat → Future decryption of today's encrypted data
• Cascading Failures → Attack on one sector affects multiple sectors
• Legacy Systems → Outdated software and weak compliance

India's Initiatives

• National Critical Information Infrastructure Protection Centre -NCIIPC → Nodal agency for CII protection
• CERT-In Cyber Drills → Simulated cyber-attack preparedness
• I4C-Indian Cybercrime Coordination Centre → Cybercrime coordination and response
• Trusted Telecom Portal → Trusted 5G equipment procurement
• IndiaAI Mission → Indigenous AI infrastructure

Way Forward

• Adopt Post-Quantum Cryptography (PQC)
• Implement Zero-Trust Architecture (ZTA)
• Promote Silicon Sovereignty through domestic chip manufacturing
• Establish a Unified Cyber Command

Strengthen cybersecurity awareness and skilled workforce