India’s Preparedness For Cyberwarfare: A Legal And Institutional Analysis

K. Megha Narayana Reddy, Christ (Deemed to be University), Bengaluru

ABSTRACT

As geopolitical disputes increasingly unfold in the digital realm, India’s capacity to counter cyber warfare has become a critical national security issue. Rising state-linked cyberattacks targeting Indian infrastructure reveal the inadequacy of existing laws and institutions. This paper examines whether India’s fragmented and outdated cyber legal framework can address militarised cyber operations beyond conventional cybercrime or espionage.

Drawing on doctrinal and policy analysis, the study reviews the Information Technology Act 2000, relevant penal codes, and the roles of CERT-IN, NCIIPC, the Defence Cyber Agency, and the National Cyber Coordination Centre. It also compares India’s stance with international standards such as the Tallinn Manual and international humanitarian law.

Findings show India’s framework is reactive, focused mainly on civilian cybercrime, and hindered by institutional silos and unclear mandates for offensive or defensive cyber warfare. The absence of a comprehensive cybersecurity statute and misalignment with global norms leave India vulnerable to state-sponsored attacks.

The paper argues for a multi-pronged approach: enacting dedicated cybersecurity legislation, clarifying civil–military responsibilities, and aligning domestic practices with evolving international law. It highlights the urgent need for an Indian cyber warfare doctrine, assessment of offensive cyber capabilities, and enhanced international legal cooperation.

Keywords: Cyberwarfare, IT Act, National Security, Sovereignty, Tallinn Manual.