The company law of India has been recently reformulated and notified in the form of Indian Companies Act, 2013 (Pdf). It has given rise to many novel techno legal obligations on the part of directors of various companies that were absent in the former company law framework. For instance, directors of Indian companies can now be held liable for cyber law and cyber security related lapses. Even law firms and other firms holding their client’s data can be held liable for cyber breaches.
The cyber security trends in India (Pdf) provided by Perry4Law’s Techno Legal Base (PTLB) has stressed upon a need to secure participation from various stakeholders. Indian government needs to be more stringent while getting cyber security related compliances enforced by Indian companies and their directors. However, till now various companies and their directors are not complying with techno legal requirements of Indian laws.
Recently E-Bay asked for change of passwords by its users after breach of its database containing account information. Before that Target Corporation was targeted by cyber criminals and as a result of that Target Corporation faced litigation threats around the world. Indian companies and banks are also no different as cyber breaches in India have increased significantly. This is the reason that Indian government is planning to formulate a law where cyber security breaches would be required to be disclosed to designated Indian agencies.
Cyber security challenges in India are tremendous and there is an urgent need to tackle them immediately. It would take considerable amount of money and energy to establish a sound and robust cyber security infrastructure of India. The present trends have also shown that Indian companies and government is all set to increase spending on cyber security infrastructure. A good portion of it must be allocated to meet techno legal compliances so that company’s reputation and business is not affected by cyber attacks and their public disclosures.