NEW DELHI: India’s counter-terrorism strategy over the past two years has been shaped by the operational reality that contemporary terror networks no longer depend solely on physical infrastructure or territorial control. They operate through data trails or travel movements, financial transfers, encrypted communications, digital identities and logistics footprints dispersed across multiple institutions. The challenge confronting security agencies was not a shortage of intelligence inputs, but the inability to connect them fast enough. Responding to this systemic gap is the National Intelligence Grid (NATGRID), which has emerged as the central nervous system of India’s intelligence architecture.
The operation of NATGRID differs significantly from that of a conventional database. NATGRID was designed as a secure technological bridge, an infrastructure that allows authorised agencies to query multiple datasets simultaneously. This design reflects a strategic shift in India’s internal security thinking as intelligence effectiveness now depends less on isolated information ownership and more on real-time convergence.
From Concept to Capability: The Scale of NATGRID
NATGRID is an offshoot of a core lesson learnt from the November 2008 Mumbai terror attacks; the investigations that followed have shown that vital clues lay scattered in unconnected databases. Flight records, hotel bookings, telecom logs and financial transactions existed, but were trapped in complexity. To prevent a recurrence, the Cabinet Committee on Security approved NATGRID in 2011, with an estimated overall cost of about Rs 3,400 crore.
The first two implementation phases, valued at approximately Rs 1,200 crore, aimed at connecting 10 central user agencies with 21 data providers. In the initial phase, progress was slow, primarily due to institutional, technical, and structural constraints. But a renewed reassurance post-2019 aligned NATGRID with the wider national priorities of cybersecurity and data-driven governance. By 2024, the platform was officially described as fully functional, marking its transition from conceptual promise to operational capability.
Built for Performance, Designed for Speed
NATGRID operational footprint today reflects its growing credibility. According to official data, the platform processes around 45,000 intelligence and investigative queries every month. This volume indicates routine integration into daily investigative workflows rather than occasional or exceptional use.
The system combines more than 20 data sources from 21 government and private organisations. These are also connected to national policing systems, such as the Crime and Criminal Tracking Network & Systems (CCTNS), which aggregate data from over 14,000 police stations nationwide. Such a system also enables officers to shift effortlessly from crime information obtained at the local to crime intelligence at the national level, reducing timelines which took weeks and sometimes months to accomplish.
Gandiva: Turning Data Access into Intelligence Insight
This technology, developed by NATGRID, marks the launch of GANDIVA, NATGRID’s AI-ML-enabled analysis tool. Gandiva upgrades NATGRID from being a passive data access platform to being an active intelligence platform. It enables single-point search across data sources, link analysis, and identification of individuals based on cross-referenced, photo-based identity records.
This tool has become increasingly critical as digital threats intensify. In 2024, more than two million cyber incidents were recorded in India, underscoring the extent to which threats can target anyone on cyber platforms. Gandiva helps correlate IP logs, telecommunications metadata, travel spikes, and financial irregularities into a meaningful risk pattern. The tool supports analysis and discovery rather than simple querying, enabling law enforcement agencies to identify potential connections that have not been questioned or sought.
NATGRID has now been linked to the National Population Register (NPR), which holds family‑wise details of about 119 crore residents. Gandiva can use this to trace family linkages and household‑level connections.
Strengthening Terror Investigations and Prosecution
The reach of NATGRID has been observed not only in the intelligence department but also in investigations and prosecutions. The National Investigation Agency, for instance, uses this system to quickly reconstruct financial transactions, communications, and movement patterns, which play crucial roles in investigations related to the prevention of unlawful activity.
This is clearly in addition to institutional measures, such as the NIA’s UAPA probe handbook, adopted in 2024 to standardise State-level exercises. When NATGRID-enabled evidence discovery is combined with particular frameworks, it strengthens charge sheets and improves prosecution outcomes. The cases involving online radicalisation and terror financing can be easily resolved.
Mapping Organised Crime and Terror Networks
Recognising the convergence of terrorism with organised crime, a dedicated Organised Crime Network Database (OCND) is being developed on NATGRID IT platform. OCND’s purpose is to identify and connect gangs, identifying terror cells and transnational organisations as interrelated ecosystems.
By connecting associates, financial conduits, logistical points and fronts, law enforcement gains a near-real-time view of criminal networks. This is based on evidence-based knowledge that terror acts tend to overlap and include money smuggling, drugs and fake currencies. NATGRID provides the analytical foundation necessary to uncover these overlaps systematically
Federal Reach and Institutional Adoption
Initially conceived as a central intelligence tool, NATGRID access model has evolved. Officers of Superintendent of Police rank and above at the State level are now authorised to query the system directly. This represents a significant institutional shift, as NATGRID’s aim now appears to be a common national resource rather than a platform.
This increased accessibility is supported by capacity-building activities. Training courses now include data literacy, how to craft precise queries, and how to use automated results systematically and critically. Over the years, NATGRID has also contributed to a cultural shift in policing, whereby data investigation has moved from being specialised to an integral part of policing skills.
Given the nature of the information handled, NATGRID has numerous security measures in place. The system uses end-to-end encryption, two-factor authentication, and role-based access control. Each search is retained with a timestamp and attributed to one officer, generating a comprehensive history log.
The categories of information are ranked by intrusiveness, ensuring that the more intrusive the information, the more senior the individual must be to have the right to it. Such measures are critical for ensuring privacy and building trust between the agencies.
Measuring Impact Beyond Metrics
While budgets, query volumes and dataset counts illustrate NATGRID’s performance, its real value lies in outcomes that rarely attract public attention. The platform enables investigators to link a suspicious financial transaction in one State to a travel record in another, or to connect renewed digital activity to a previously dormant identity. Such correlations often allow agencies to intervene before threats materialise.
The integration of NATGRID into intelligence coordination mechanisms and the modernisation of the forensic function ensure the effectiveness of operational knowledge by translating analytic knowledge. Its efficacy lies not in visibility but in the lack of certain incidents occurring.
Intelligence as National Infrastructure
NATGRID represents one of India’s most required internal security reforms since 2008. With an investment of Rs 3,400 crore, integration of 21 data providers, processing of 45,000 queries per month and AI-enabled analytics responding to millions of cyber incidents, it has evolved into a robust national intelligence backbone.
As security threats become increasingly networked and less visible, intelligence itself must function as an infrastructure that is secure, scalable and shared. In that role, NATGRID stands as a technological system and structural transformation, which tells how India is safeguarding itself in the age of data-driven threats
