India is in the final stages to clear a National Cybersecurity Strategy in the wake of growing cyber attacks and threats from nation-state actors against the country, national cyber security coordinator Lt. Gen. (retd) Rajesh Pant has stressed.

There are about 4 million malware that are detected every day and India is one of the most cyber attacked nations in the world.

"One of the reasons for that is that we have a large attack surface with 1.15 billion phones and more than 700 million Internet users," Pant said during the third edition of 'ExpertSpeak', a curated dialogue series by Microsoft with industry experts.

"What we require now is a National Cybersecurity Strategy, which we have been working on over the last two years and is in the cabinet for the final stamp. The first thing we need is a governance structure, because there is no central apex organisation which is responsible for the cybersecurity of the nation," Pant stressed.

"That is the first thing we have to tackle, because the difference between a policy and a strategy is that a strategy is an action-oriented plan with a timeline."

The pandemic has taught countries that cybercrime is now an essential service, just like the police and fire departments.

"Fortunately, we've managed to avoid any major cyber-attacks or threats and that is one of the reasons why in June, we jumped from 47 to 10 in the new rankings of the Global Cybersecurity Index," Pant said during the event on Tuesday, organised as part of the Cybersecurity Awareness Month.

With the policy comes the challenge to address cyberskilling. Reports estimate that there will be about 1.5 million job vacancies in cybersecurity by 2025 in India.

"There's a strong industry need to build programmes that bridge this skills gap in cybersecurity. Closing the gender gap in cybersecurity and enabling more diversity in the field is another critical priority," said Keshav Dhakad, General Counsel, Microsoft India.

Microsoft has invested in the 'CyberShikshaa' programme along with the Data Security Council of India (DSCI), to create a pool of skilled women security professionals in the country.

"Microsoft is also partnering closely with MeitY to skill security leaders in government entities across the nation in cybersecurity," Dhakad said.

The nation-state actors are targeting critical infrastructure like power.

"We are definitely seeing attacks coming and there are different motives behind why you will go and disrupt a critical infrastructure like the outage that happened in Mumbai, Maharashtra. Protecting that infrastructure is very critical," said Dhakad.