India and Pakistan continuously increase their stockpiles of fissile material. Pakistan possesses battlefield nuclear weapons that it threatens to deploy against India. New Delhi is close to completing deployment of a nuclear triad. Non-state actors in South Asia pose a perpetual threat of gaining access to nuclear weapons or materials. Artillery fire along the India-Pakistan border is frequent.
For all these reasons, the nuclear situation in South Asia demands attention. But with Islamabad and New Delhi unlikely to slow their nuclear weapons development amid the long-standing antagonism and mistrust between the two sides, can anything be done to reduce nuclear risk in the region? Yes—initiatives of three kinds stand out for their potential to enhance South Asian nuclear stability. First, New Delhi and Islamabad could undertake bilateral cooperation in nuclear security. Second, the two sides could—with international help—seek to improve the region's nuclear cybersecurity. And India and Pakistan could commit, in one fashion or another, to the Comprehensive Nuclear Test Ban Treaty.
Improving nuclear security. An ongoing concern in South Asia is that terrorist groups might gain access to nuclear materials, either to use these materials in attacks or to use them as bargaining chips against either New Delhi or Islamabad.
According to the Nuclear Threat Initiative and its Nuclear Security Index, both India and Pakistan do a poor job of safeguarding nuclear materials. But in recent months, both countries have taken some promising steps. Ahead of the fourth and final Nuclear Security Summit, which began in March, Islamabad ratified the 2005 amendment to the Convention on the Physical Protection of Nuclear Material. At the summit itself, New Delhi made commitments regarding nuclear smuggling and other issues. And in June, India committed to an important initiative known as the Joint Statement on Strengthening Nuclear Security Implementation.
Still, India and Pakistan both face risks regarding the security of the nuclear materials within their territories. Cooperative, bilateral mechanisms to tackle these challenges could be beneficial for both sides—but such cooperation is minimal today. What's needed is a framework for nuclear security cooperation that encourages the two sides to share best practices, know-how, and intelligence, and to conduct joint law enforcement drills.
Fortunately, an existing framework for nuclear confidence-building measures could be molded into a bilateral mechanism for improving nuclear security. Unfortunately, confidence-building efforts on the subcontinent are routinely interrupted by terror attacks on Indian soil. The 2008 Mumbai attacks resulted in a suspension of nuclear confidence-building measures for several years, and this year's Pathankot attack has led to an impasse in bilateral talks on a number of issues. It is essential, therefore, that India strategically delink nuclear security from terrorism. Otherwise, consistent progress on nuclear security is unlikely to be achieved.
Enhancing cybersecurity. The subcontinent faces an urgent need to increase its capability in cybersecurity. Weak cybersecurity infrastructure makes both countries' nuclear installations vulnerable—neither India nor Pakistan has in place the robust cybersecurity measures that their countries' nuclear facilities require. India produced a National Cyber Security Policy in 2013, but it merely set out a broad cybersecurity vision, without establishing the sort of detailed plans that cybersecurity threats require. Pakistan, meanwhile, passed a cybersecurity law in August, but the law has more to do with restricting the spread of extremist ideology than with protecting nuclear sites.
Admittedly, it is hard to envision Pakistan and India cooperating on cybersecurity amid the frequent cyberattacks that flow across the border. Moreover, neither country has the economic wherewithal to make the heavy investments that reliable cybersecurity infrastructures require. Staying ahead of the latest threat scenarios requires constant upgrades, so cybersecurity is a very expensive affair. Nonetheless, cybersecurity on the subcontinent could be improved if the international community, led by the United States, helped ensure that South Asian nuclear facilities are safe from, for example, a Stuxnet-style attack by hackers or terrorist groups. Just last month, India and the United States signed an agreement meant to enhance cooperation between the two countries regarding cybersecurity best practices and identification of cyber threats. It is the first such framework established by either country; more initiatives of this kind in both India and Pakistan could go a long way toward improving South Asian nuclear cybersecurity.
Rejecting nuclear tests. Since May 1998, when 11 nuclear explosions shook the subcontinent, neither India nor Pakistan has conducted a nuclear test. On the other hand, neither country has signed the Comprehensive Nuclear Test Ban Treaty (CTBT).
In August, Pakistan made an overture to India, offering to establish a bilateral test-ban treaty that would formalize the two countries' existing voluntary moratoria on testing. This move was strategic to be sure, but also welcome. So far, India has demonstrated little interest in the proposal—even though pursuing it could help New Delhi in its bid for membership in the Nuclear Suppliers Group. Indeed, New Delhi's aspirations for membership in key export-control regimes make it essential for India to embrace a new approach to the issue of nuclear testing.
One approach for New Delhi would be to "go French." Under this scenario, New Delhi would behave regarding the CTBT as Paris once behaved regarding the Nuclear Non-Proliferation Treaty—that is, formally declining to sign the treaty, but acting like a signatory. This approach would entail several benefits. First, it would formalize New Delhi's existing commitment not to test nuclear weapons and would help dissolve India's image as a "nuclear pariah." This might help New Delhi achieve its long-term aim of gaining membership in export-control groups including the Wassenaar Arrangement, the Australia Group, and the Nuclear Suppliers Group. Second, it wouldn't create pressure within India to conduct additional nuclear tests. Agreeing to sign the CTBT likely would create such pressure, especially in view of claims that India's 1998 test of a thermonuclear device was not completely successful. Third, adhering to the CTBT without signing it would be compatible with Pakistan's proposal for a bilateral nuclear test ban.
The Indian subcontinent is dominated by nuclear rivals with contested borders and a history of warfare. Therefore the region's security prospects can seem gloomy. But history provides reasons for hope. Since the bombings of Hiroshima and Nagasaki more than 70 years ago, nuclear weapons have not been used in wartime. When China and the Soviet Union—two nuclear weapon states—engaged in conventional conflict along the Ussuri River in 1969, hostilities did not escalate into a nuclear exchange. If Russia and China, despite their long common border and their sometimes acrimonious relations, can co-exist without launching nuclear weapons, maybe India and Pakistan can do the same. Yet the potential for nuclear warfare in an area fraught with interstate disputes cannot be completely written off. Leaders in New Delhi and Islamabad have tools at their disposal that can help keep nuclear-armed missiles out of the air. Nuclear security, cybersecurity, and a test ban can chart the path toward a more stable future for South Asia.