Governance & Risk Management , Incident & Breach Response , Information Sharing

Gulshan Rai to Head Cybersec at PMO

CERT-In's Chief to be Special Secretary, Cybersecurity
Gulshan Rai to Head Cybersec at PMO
Dr Gulshan Rai

Multiple sources say CERT-In director general, Dr Gulshan Rai is about to be formally named to a new role, the equivalent of special secretary heading the cybercrime and cybersecurity center at the prime minister's office.

Internal sources at the Department of Electronics and Information Technology say that the talks about appointing Dr. Rai have been ongoing for a year now. It's finally been decided to escalate him to special secretary's rank at the PMO to handle India's cybersecurity. Dr. Rai is expected to be responsible for laying down policies and guidelines to protect the critical ICT infrastructure and co-ordinate with cybersecurity agencies in implementing the same.

See Also: Building Security from Within: Empowering Software Teams for Resilience

ISMG reached out directly to Dr. Rai, who declined to confirm or deny this new appointment.

"I am not sure of this move, as I do not have any official letter from the government," he says.

However, Dr. Rai agreed that this move has been in the cards for some time. "There are two things: one to get an official letter for me to really confirm the news, and second, the relieving date should be clear, right?"

Long-Discussed Move

Sources say that Dr Rai will assume the new role in the next few days. They also say that the discussion to bring in Dr. Rai comes in the wake of Prime Minister Narendra Modi stating his concerns about cybersecurity and the proposed danger it holds for India during his address at Nasscom's 25th anniversary.

Meanwhile, DeitY, under the ministry of communications and information technology, has put up an advertisement on its official website calling for candidates to fill the post of director general, ICERT, at New Delhi - the current post held by Dr Rai.

Over a year ago, the government had discussed appointing the head of the National Cyber Security Council, whose primary task would be to co-ordinate among the various agencies involved in cybersecurity, and Dr. Rai's name was actively considered. The plan did not materialize because of legal issues and objections that arose, questioning the legal powers of the center.

Dr. Rai recently was selected as one of the five-member cybercrime panel of leading academicians and professionals, which sources believe is a prelude to the plan of his new appointment. Dr. Rai was instrumental in creating the draft policy of the National cybersecurity policy of 2013 with a vision to create a cyber-resilient country.

Industry Reacts Positively

Cyber experts commend the likely move, saying that it would be ideal to get Dr. Rai to assist the PMO in co-ordinating with various segments under cybersecurity to ensure the success of the e-governance program.

Security practitioners acknowledge that Dr Rai can contribute immensely to making the cyber world more secure if rightly empowered.

"PMO, being the supreme body, can effectively leverage Dr. Rai's skills, given his expertise in developing security framework, standards and guidelines on cybersecurity," says Delhi-based Neeraj Aarora, cyber lawyer and forensic examiner who regularly interacts with CERT-In,

Mumbai-based Prashant Mali, president, cyber law consulting, finds Dr. Rai's current role as the head of CERT-In statutory. "In his new role, he would be an adviser and a policymaker to lay down the vision and clear strategy to fight cybercrime."


With the proposed change, cybersecurity practitioners expect establishment of an institutional cybersecurity framework and cyber-force to provide adequate support to the police and legal machinery.

While the industry sees greater challenges for Dr. Rai, given the increasing vulnerabilities, some of the expectations that the industry has of him are to help stengthen the cybersecurity framework to international levels, develop schemes to ensure cybersecurity meets the government, business and public needs and co-ordinates action among all verticals and horizontals.

Mali suggests setting up a country-wide single point of contact for getting data from foreign countries, establishing a country-wide cyber criminal database and make it available as a cellphone app to all cyber crime police, spreading cybercrime awareness in schools and other institutions.

"Dr. Rai should take stringent measures in advising the goverment in making the IT Act 2000 part of the curriculum of law and other infosec courses and leave no stone unturned in creating a resilient cyberspace," Mali says.

About the Author

Geetha Nandikotkur

Geetha Nandikotkur

Vice President - Conferences, Asia, Middle East and Africa, ISMG

Nandikotkur is an award-winning journalist with over 20 years of experience in newspapers, audiovisual media, magazines and research. She has an understanding of technology and business journalism and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a group editor for CIO & Leader, IT Next and CSO Forum.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.