The policy is not aimed only at government entities and big business, but at home users as well.
It enumerates the following priorities:
- Creation of necessary situational awareness regarding threats to ICT infrastructure for determination and implementation of suitable response
- Creation of a conducive legal environment in support of safe and secure cyber space, adequate trust & confidence in electronic transactions, enhancement of law enforcement capabilities that can enable responsible action by stakeholders and effective prosecution
- Protection of IT networks & gateways and critical communication & information infrastructure
- Putting in place 24 x 7 mechanism for cyber security emergency response & resolution and crisis management through effective predictive, preventive, protective, response and recovery actions
- Policy, promotion and enabling actions for compliance to international security best practices and conformity assessment (product, process, technology & people) and incentives for compliance.
- Indigenous development of suitable security techniques & technology through frontier technology research, solution oriented research, proof of concept, pilot development etc. and deployment of secure IT products/processes
- Creation of a culture of cyber security for responsible user behavior & actions
- Effective cyber crime prevention & prosecution actions
- Proactive preventive & reactive mitigation actions to reach out & neutralize the sources of trouble and support for creation of global security eco system, including public-private partnership arrangements, information sharing, bilateral & multi-lateral agreements with overseas CERTs, security agencies and security vendors etc.
- Protection of data while in process, handling, storage & transit and protection of sensitive personal information to create a necessary environment of trust.