Power Map: Gap Analysis

Segment 19 — Institutional authority mapping, budget dysfunction, and informal power networks

10x
Budget underinvestment
2018
NCCC stalled since
750M
Data breach (no integration)
0
Agencies with command authority

P0 — Authority & Power Structure

Government Authority Hierarchy
👑PMO / NSCS
🏛️MeitY
CERT-In
NIC
UIDAI
CDAC
STQC
🔒MHA
Cyber Crime
NIA
State Cells
⚔️MOD
DCYBER
DRDO
Military Intel
🏦RBI/SEBI
RBI CISO
SEBI CISO
Primary Actor
Subsidiary
Individual
Informal Power Network
policypolicyoversightoversightcoordecosysteminfluenceinfluencelobbyrevolvingconsultconsultMeitY SecyNASSCOMMAITTCSInfosysMicrosoftCERT-In DirNIC DGEx-MeitYUIDAI CEO
Primary
Secondary
External

P1 — Budget Flow & State Capability

Budget Flow (INR Crore)
Increase
Decrease
Total

State Capability Matrix

Maharashtra
Karnataka
Telangana
Tamil Nadu
Gujarat
Kerala
Uttar Pradesh
Bihar
Odisha
Jharkhand
Maharashtra
95
0
0
0
0
0
0
0
0
0
Karnataka
0
80
0
0
0
0
0
0
0
0
Telangana
0
0
85
0
0
0
0
0
0
0
Tamil Nadu
0
0
0
55
0
0
0
0
0
0
Gujarat
0
0
0
0
45
0
0
0
0
0
Kerala
0
0
0
0
0
50
0
0
0
0
Uttar Pradesh
0
0
0
0
0
0
15
0
0
0
Bihar
0
0
0
0
0
0
0
5
0
0
Odisha
0
0
0
0
0
0
0
0
12
0
Jharkhand
0
0
0
0
0
0
0
0
0
8
0
100
Coordination Gap (Current State)
Coordination Gap (Target State)

P2 — Timeline, Utilization & Doability

Stalling Event Intensity (2018-2026)
Deal Doability Matrix
Budget Utilization Rates (Capital vs Operational)

Gap Analysis & Commercial Implications

10x Budget Underinvestment

0.02%
Current GDP Allocation
0.2%
Required GDP Allocation
India per capitaINR 5-8
USA comparableINR 400-600
Gap factor50-80x

Critical Structural Gaps

G-01
CRITICAL
No Distinct Cyber Demand Grant
G-02
CRITICAL
CISO Lacks Budget Authority
G-03
CRITICAL
NCCC Stalled Since 2018
G-06
HIGH
Huawei/ZTE No Resolution

Coordination Failures

750M Data Breach
2023
CERT-InMHAMeitYState Cells
Parallel action without integration
Huawei/ZTE Risk
2020
DoTMHAIntelligence
Identified risk, no resolution pathway
NCCC Proposal
2018
NSCSMeitY
Repeatedly stalled - MeitY views as authority diminution

Doability Formula

Ministry Sensitivity
MeitY+2
MHA-1
MOD-2
Finance-3
Secretary Continuity
0-6 months-2
6-18 months+1
18-36 months+3
36+ months-1
Budget Cycle
Q1 (Apr-Jun)-1
Q2 (Jul-Sep)0
Q3 (Oct-Dec)+2
Q4 (Jan-Mar)+3
+3Threshold = "Doable"

Vendor Dominance Hierarchy

TCS
TIER 1
UIDAI/GSTN/DigiLocker refs
Infosys
TIER 1
Karnataka connection
Microsoft
TIER 1
Azure/365 bundling
Wipro
TIER 2
Selective defence/ministries
Quick Heal
TIER 2
Indigenous endpoint
Palo Alto
TIER 2
Premium security

Relationship Investment Gaps

G-1318-24 months
MeitY Bureaucratic Access
INR 1.5-3Cr/year
G-1412-18 months
Priority State Relations
INR 50-80L/state
G-1512-18 months
RBI/SEBI Regulatory Access
INR 40-60L/year
G-166-12 months
Defence Sector
INR 30-50L/year

Critical Assessment: Structural Power Dysfunction

India's cybersecurity governance operates through three simultaneous realities: (1) Formal hierarchy shows rational authority distribution across ministries, (2) Informal power networks where relationships, alumni networks, and retired-babu consulting determine outcomes, and (3) Budget dysfunction with 10x underinvestment relative to developed nation benchmarks.

0.02% GDP vs 0.2% required
NCCC stalled since 2018
Huawei/ZTE unresolved
750M breach without integration
Previous: Institutional ArchitectureBack to Analysis