Author: Divyanshu Jindal, Research Associate, Centre for Air Power Studies
Keywords: BIMSTEC, Cyberspace, Cyber, Cybersecurity, Regional Cooperation, South Asia.
The Bay of Bengal region has witnessed impressive digitalization growth in recent years. The region is inhabited by nearly 22 per cent of the world’s population. However, it remains absent from the global cyberspace governance discussions and suffers from low digital literacy rates and cyber hygiene practices. As the digital footprint expands in the region, it will be accompanied by an exponential growth in the regional threat profile in the cyber domain.
The Bay of Bengal Initiative for Multi-Sectoral Technical and Economic Cooperation (BIMSTEC) has been often deemed as India’s Plan B for establishing a framework for robust regional cooperation. But for a better part of the 25 years of its existence, it has remained in the shadows of the South Asian Association for Regional Cooperation (SAARC) which includes Pakistan and Afghanistan.
But as SAARC remains in a deadlock with no solution in sight, both because of Pakistan’s persistent sponsorship to terrorism and the changed dynamics in Afghanistan since the Taliban takeover, the time for BIMSTEC to take over seems to have arrived. To revamp and reinvigorate BIMSTEC, the member nations adopted the long overdue BIMSTEC Charter during the 5th BIMSTEC Summit in March this year. While earlier member nations focused on 14 priority areas distributed among them, the charter formalized the BIMSTEC structure and functioning by reorganizing the activities. Now each member oversees one pillar of activity.
India leading the way
In the new structure, India leads the much important security pillar, which encompasses counterterrorism and transnational crime (CTTC), disaster management, and energy security. Invariably, as cybersecurity is now embedded in every aspect of national security, India’s leadership in the cyber domain is important for a successful regional cooperation mechanism. India’s increased focus on improving regional cybersecurity goes back at least half a decade. In March 2017, India led the maiden BIMSTEC National Security Advisor (NSA) level meeting to combat challenges arising from the violation of cyberspace, extremist ideologies, and cross-border terrorism.[i] The meeting flagged the emerging trends in cyberspace that have security implications and agreed to establish a Joint Forum of Cyber Security to deepen cooperation between national cyber institutions.
India has also taken a lead in establishing Track 1.5 and Track 2 mechanisms to deliberate the cyber issues. In December 2018, the Manohar Parrikar Institute for Defence Studies and Analyses (MP-IDSA), India’s premier defence think tank, held the BIMSTEC Workshop on Regional Cyber Security Cooperation, which concluded with a cybersecurity cooperation roadmap proposal.[ii] In November 2019, the 2nd BIMSTEC Think Tanks Dialogue on Regional Security, hosted by the New Delhi-based Vivekananda International Foundation (VIF), discussed cybersecurity cooperation. The dialogue underlined the role of civil society and the state in addressing the spread of radicalization through cyberspace (internet and social media).[iii]
The delegates from the BIMSTEC nations also deliberated on strengthening cyber security through practical measures and the role of think tanks in this endeavour. The dialogue put forth recommendations for cooperation in skill building through public-private partnerships, mechanisms for information sharing on cyber threats like a BIMSTEC Computer Emergency Response Team (CERT), and awareness programs for developing cyber hygiene and digital literacy.
These efforts have received a boost with the BIMSTEC restructuring. India hosted a two-day meeting of the BIMSTEC Expert Group on Cyber Security Cooperation in July 2022.[iv] The meeting—based on the agreement made during the March 2017 NSA-level meeting—was chaired by India’s National Cyber Security Coordinator, Lt. Gen Rajesh Pant, and was attended by officials from the cyber police, armed forces, and consuls of the BIMSTEC nations.
The expert group meeting is aimed at developing a BIMSTEC Plan of Action on Cybersecurity. The BIMSTEC 5-year Action Plan “will cover the exchange of information on cybersecurity, cybercrime, protection of critical information infrastructure, cyber incident response, and international developments related to cybersecurity norms.”[v] It has also been reported that there were discussions to establish a BIMSTEC CERT by 2025, for real-time information sharing on cyberattacks.[vi]
BIMSTEC is envisioned as a purely technical and economic cooperation mechanism. This enables it to overcome regional political and geopolitical dilemmas. With the increasing geo-strategic stature of the Indo-Pacific, BIMSTEC can help the region develop a robust cybersecurity ecosystem through regional cooperation. It is often highlighted that cyber threats transcend national borders. Thus, countering these threats requires multilateral coordination. While cybersecurity and cyber governance remain a dividing area in global politics, BIMSTEC members can coordinate a regional regime like the EU Cybersecurity Act 2019, the ASEAN Cyber Cooperation Strategy 2017, and the African Union Convention on Cyber Security and Personal Data Protection.
For India, BIMSTEC presents the avenue for establishing its credentials as a regional leader towards mutual growth and development. In the second quarter of the BIMSTEC legacy, India can converge its ‘Act East’ and ‘Neighbourhood First’ Policies, as well as its Indo-Pacific vision, to take the BIMSTEC forward.
[i] Dipanjan Roy Chaudhary, “BIMSTEC National Security Advisers strive to create common security space amid rising multiple threats”, The Economic Times, July 12, 2018, https://economictimes.indiatimes.com/news/defence/bimstec-national-security-advisers-strive-to-create-common-security-space-amid-rising-multiple threats/articleshow/57766714.cms. Accessed on July 12, 2020
[ii] “IDSA-BIMSTEC Workshop on Cyber Security Cooperation”, BIMSTEC Secretariat, https://bimstec.org/?event=idsa-bimstec-workshop-on-cyber-security-cooperation. Accessed on July 15, 2022
[iii] “2nd BIMSTEC Think Tanks Dialogue on Regional Security- Conference Proceedings”, Vivekananda International Foundation, January 29, 2020, https://www.vifindia.org/paper/2020/january/29/2nd-bimstec-think-tank-dialogue-on-regional-security. Accessed on July 15, 2022
[iv] Sandhya Sharma, “India takes the lead in setting up BIMSTEC cyber-response team”, The Economic Times, July 15, 2022, https://economictimes.indiatimes.com/tech/technology/india-takes-the-lead-in-setting-up-bimstec-cyber-response-team/articleshow/92901162.cms. Accessed on July 16, 2022
[v] “Fifth BIMSTEC Summit”, Ministry of External Affairs Government of India, March 30, 2022, https://www.mea.gov.in/press-releases.htm?dtl/35093/5th+BIMSTEC+Summit. Accessed on July 15, 2022
[vi] n. 4