General Studies 2022 GS Paper III 15 marks 250 words Compulsory Examine

Q19

What are the different elements of cyber security? Keeping in view the challenges in cyber security, examine the extent to which India has successfully developed a comprehensive National Cyber Security Strategy. (Answer in 250 words) 15

हिंदी में प्रश्न पढ़ें

साइबर सुरक्षा के विभिन्न तत्व क्या हैं? साइबर सुरक्षा की चुनौतियों को ध्यान में रखते हुए समीक्षा कीजिए कि भारत ने किस हद तक एक व्यापक राष्ट्रीय साइबर सुरक्षा रणनीति सफलतापूर्वक विकसित की है। (250 शब्दों में उत्तर दीजिए)

Evaluate your answer to this question → See all 2022 General Studies questions

Directive word: Examine

This question asks you to examine. The directive word signals the depth of analysis expected, the structure of your answer, and the weight of evidence you must bring.

See our UPSC directive words guide for a full breakdown of how to respond to each command word.

How this answer will be evaluated

Approach

The directive 'examine' requires a critical investigation of both elements of cyber security and India's strategic preparedness, moving beyond description to evaluative analysis. Structure: brief introduction defining cyber security → first section enumerating key elements (technical, legal, institutional, human) → second section examining India's strategy through achievements and gaps → conclusion with forward-looking recommendations.

Key points expected

Identification of core cyber security elements: network security, application security, information security, operational security, disaster recovery, and end-user education
Critical assessment of India's National Cyber Security Strategy 2020 (or draft status) and its alignment with National Cyber Security Policy 2013
Evaluation of institutional framework: CERT-In, NCIIPC, Cyber Swachhta Kendra, and their operational effectiveness
Analysis of key challenges: critical infrastructure vulnerabilities, data localization debates, ransomware attacks, supply chain risks, and skill gaps
Specific evidence of gaps: delayed implementation of Cyber Security Strategy, low cyber insurance penetration, inadequate R&D spending, and fragmented coordination between MHA, MEITY, and NSCS
Balanced verdict acknowledging progress (Digital India, Cyber Surakshit Bharat) while identifying strategic deficits requiring urgent attention

Evaluation rubric

Dimension	Weight	Max marks	Excellent	Average	Poor
Demand-directive understanding	20%	3	Correctly interprets 'examine' as requiring critical investigation with evidence-based judgment; addresses both parts (elements AND India's strategy) with explicit evaluative stance rather than mere description	Addresses both parts but treats 'examine' descriptively; lists elements and describes India's strategy without systematic critical assessment or clear evaluative framework	Misinterprets directive as pure description; omits either elements or strategy evaluation; fails to provide any critical judgment on India's preparedness
Content depth & accuracy	20%	3	Demonstrates precise knowledge of cyber security domains (technical, legal, institutional, human); accurately cites National Cyber Security Policy 2013, draft Strategy 2020, and institutional roles; identifies specific threat vectors relevant to India	Covers basic elements (network, data, application security) and mentions CERT-In/NCIIPC but with imprecise details; conflates policy documents or misstates institutional mandates; generic treatment of threats	Superficial or incorrect content; confuses cyber security with IT governance; misidentifies key institutions; omits critical infrastructure protection or includes outdated/incorrect policy references
Structure & flow	20%	3	Clear two-part architecture with seamless transition from elements to strategic evaluation; logical progression within each section; effective signposting; maintains 250-word discipline without structural compression	Recognizable structure but uneven weightage (over-detailed elements, rushed strategy section); some logical gaps between paragraphs; minor word management issues	Disorganized or lopsided structure; no clear part demarcation; abrupt jumps; significantly over/under word limit; conclusion missing or mechanically appended
Examples / case-law / data	20%	3	Deploys specific Indian evidence: 2022 AIIMS ransomware attack, 2020 Mumbai power grid incident, India's rank in GCI or ITU indices, Cyber Surakshit Bharat initiative, data from Indian Cyber Crime Coordination Centre (I4C); references Personal Data Protection Bill implications	Generic international examples (Stuxnet, WannaCry) without Indian application; mentions CERT-In incidents without specifics; no quantitative indicators of India's cyber preparedness	No examples or irrelevant foreign cases; fabricated data; examples contradict the argument made; complete absence of India-specific evidence
Conclusion & analytical edge	20%	3	Synthesizes balanced verdict: acknowledges Digital India progress while identifying strategic deficits (delayed strategy, resource constraints, inter-agency coordination); offers concrete, forward-looking recommendations (cyber deterrence doctrine, public-private fusion cells, indigenous cryptographic standards)	Summary conclusion restating points without synthesis; one-sided (purely optimistic or pessimistic); generic recommendations (more awareness, better laws) without strategic specificity	No conclusion or abrupt ending; purely descriptive closing; recommendations unrelated to preceding analysis; no evidence of independent analytical judgment

Practice this exact question

Write your answer, then get a detailed evaluation from our AI trained on UPSC's answer-writing standards. Free first evaluation — no signup needed to start.

Evaluate my answer →