Key Points
- Cyber threats now arise not only from government systems but also from connected platforms vendors and service providers.
- A weakness in one digital dependency can disrupt multiple government services and affect millions of users.
- Effective cyber resilience requires risk assessment accountability and continuity plans alongside strong technology systems.
NEW DELHI — Cybersecurity risks in government systems are increasingly being shaped by external digital dependencies rather than the systems themselves, former Director General of the National Informatics Centre (NIC) and Chief Advisor to the Election Commission of India, Neeta Verma, said on Tuesday.
Sharing her views on the evolving nature of cyber threats in digital governance, Verma said, governments today operate in highly interconnected ecosystems where public services depend on multiple platforms, technologies, data exchanges, service providers and critical digital infrastructure.
She noted that while such interconnectedness has enabled faster service delivery, improved interoperability and seamless citizen experiences, it has also expanded the scope of cybersecurity risks.
“A government platform may be secure within its own boundaries, but its functioning often depends on a broader ecosystem. Vulnerabilities in any component of that ecosystem can affect essential services,” Verma said.
According to her, disruptions in critical services, weaknesses in third-party systems or failures in supporting digital infrastructure can have consequences extending far beyond a single platform or department.
Verma said the challenge for governments is not the growing interconnectedness of digital systems, which remains essential for modern governance, but understanding where critical dependencies exist and how they could affect service delivery during disruptions.
She stressed that cyber resilience should be viewed as a governance and leadership issue as much as a technology concern.
“Strong systems alone are not enough. Institutions need visibility into critical dependencies, clear accountability mechanisms, regular risk assessments and continuity plans to ensure essential services remain operational during disruptions,” she said.
With governments across the country accelerating the digital transformation initiatives and expanding citizen-facing online services, experts have increasingly highlighted supply-chain vulnerabilities, third-party risks and infrastructure dependencies as major areas of concern in cybersecurity planning.
Several government agencies and technology institutions, including NIC, C-DAC and the Indian Computer Emergency Response Team (CERT-In), have in recent years intensified efforts to strengthen cyber resilience through audits, capacity-building programmes and cybersecurity awareness initiatives.
Verma said cyber resilience in an interconnected digital environment ultimately depends on how effectively organisations identify, understand and manage their critical dependencies.
As governments continue to build integrated digital ecosystems, ensuring resilience across the entire network of stakeholders and service providers will be crucial for maintaining public trust and uninterrupted delivery of essential services, she added.
