DSCI NEWS January 2014

Our Vision

Harness data protection as a lever for economic development of India through global integration of practices and standards conforming to various legal regimes.

Our Mission

To create trustworthiness of Indian companies as global sourcing service providers, and to assure clients worldwide that India is a secure destination for outsourcing where privacy and protection of customer data are enshrined in the global best practices followed by the industry.

Our Objectives

Public Advocacy on Data Protection and Cyber Security

Thought Leadership through Best Practices and standards

Capacity Building on Security and Privacy

Cyber Crime Speedier Trial through raining of Law Enforcement Agencies and Judiciary

Independent Oversight forAssurance & Dispute resolution through ADR towards Self-Regulation

DATA SECURITY COUNCIL OF INDIA

UPCOMING EVENTSUPCOMING EVENTSDSCI-Cisco Security Conclave18-19 February 2014, Mumbai(Invitation Only)

9th Batch of DSCI Certi�ed PrivacyLead Assessor Training 05–07 March 2014, Niryat Bhawan, New Delhi (Invitation Only)

DSCI Corporate Membership is openVisit: http://www.dsci.in/taxonomypage/105

MONTHLY NEWSLETTER OF DATA SECURITY COUNCIL OF INDIA

DSCI NEWS January 2014

2

International Standards Development at ISO

The development international standards on security and privacy at ISO are underway. DSCI is consistently participating in the ISO experts meetings-ISO Sub-Committee 27 (SC27) with an objective to address the industry’s interest and provide expertise to contribute to the development of the standards. Accordingly, DSCI continues to engage in creating awareness within the industry. Given that cloud computing is the next growth frontier for the IT industry in India, and security and privacy are one of the biggest challenges in cloud adoption, the International community is working towards creating security and privacy standards related to cloud computing. The following standards are under development: 27017 - Guidelines on information security controls for the use of cloud computing services based on ISO/IEC 27002

27018 - Code of practice for PII protection in public clouds acting as PII processors

27036-4 - Information security for supplier relationships – Part 4: Guidelines for security of cloud services

The above standards under development are open for comments and voting by national bodies. DSCI has invited comments from major cloud service providers in India on these standards, which it will submit to Bureau of Indian Standards (BIS) for submitting them as national comments post necessary approvals.

DSCI Certification Program

The seventh batch of DSCI Certified Privacy Lead Assessor (DCPLA) training was organized in Pune with 14 participants from Government of Maharashtra, IBM, DNV, ING Vysya Bank, ICICI Bank, Bridgepoint, Arrka Consulting, Fluent India and Vyom Labs. Total DCPLA certified professionals till date numbers to 133 from 46 organizations.

MoU with (ISC)2

An MoU was signed with (ISC)2 to promote Certified Cyber Forensic Professional (CCFP) certification in India. The collaboration is intended to build requisite skill sets in the country and industry and help develop career roadmap for the forensic profession in India.

DSCI NEWS January 2014

3

AISS 2013 Recommendations:Advancing Towards a Securer Cyberspace

Subsequent to the NASSCOM-DSCI Annual Information Security Summit (AISS) 2013, a report ‘AISS 2013 Recommendations: Advancing Towards a Securer Cyberspace’ was released as an outcome of the summit. The published report details the key takeaways, ideas of over 100 thought leaders and experts from diverse backgrounds, along with the key

recommendations emerging from the multiple panel

sessions, debate and workshops during the Summit.

“I hope the policy makers, businesses, experts, delegates and sponsors will find this report relevant and valuable, and it will contribute in devising solutions to the issues and challenges we face in cyber security and data protection” said Dr. Kamlesh Bajaj, CEO, DSCI during the release of the report.

Data Privacy Day Celebrations:Jan 28

As every year, this year too DSCI spread the awareness around International Data Privacy Day (Jan 28).

DSCI disseminated a message centered on privacy encouraging the organizations to adopt Wallpaper theme created by DSCI. It was adopted by over 50 organizations that included government departments and industry across various verticals - IT-BPM, BFSI, Health care, Energy, e-commerce, and others in India and abroad and reached approximately 8 lakhs screens.

Kamlesh Bajaj, CEO, DSCI also sent a DPD message to all the corporate and chapter members. This year it was accompanied with messages from some eminent leaders in the government and industry including R. Chandrashekhar President, NASSCOM; Gulshan Rai, DG, CERT-In; Rajesh Aggarwal, Pr. Secretary (IT), Govt. Of Maharashtra; Rajendra Pawar, Former Chairman, NASSCOM & Chairman and Co-Founder, NIIT Group; Srinath Batni, Member of the Board, Infosys Ltd; and Michael Kaiser, Executive Director, National Cyber Security Alliance.

DPD Message

Chapter meetings were organized in Delhi, Bangalore, Chennai, and Pune, chapters. DSCI also participated in few of these meetings.

Over 30 industry leaders voiced the importance of privacy.

Click Here for Industry Messages

DSCI NEWS January 2014

4

Leadership Summit on ICT 2014 on Cyber Security

Kamlesh Bajaj, CEO, DSCI was a co-panelist at a panel on ‘Cyber security-Issues and Challenges’ at

Leadership Summit on ICT 2014, Ahmedabad

organized by ASSOCHAM in association with Department of Science and Technology, Government of Gujarat Dr. Bajaj, while underscoring the current issues and challenges of cyber security, highlighted on strengthening cyber security in the country through public-private-partnership. He also highlighted various efforts undertaken by the government and DSCI in this area. The session was moderated by Gulshan Rai, DG, CERT-In.

Meeting with South Korean Delegation on Cyber Security Co-operation

DSCI participated in the India-Korea cyber security cooperation dialogue where both the sides shared their initiatives for enhancing cyber security. DSCI apprised the the Korean delegation on the initiatives taken by DSCI and NASSCOM for encouraging product innovation and entrepreneurship in the cyber security domain in the country.

TCS Symposium

Vinayak Godse, Director- Data Protection delivered a key note on ‘Technology, Business Innovation and Governance of Privacy’ at TCS Symposium, Chennai. In his address, he highlighted the importance and impact of policy proposals in business and operations during privacy implementation in an organization. He also emphasized on the transforming role of practitioners and engineers in understanding the policy proposals from both business and compliance perspective. Over 200 TCS employees attended meeting.

Seminar on Cyber security at DoT

Chiranshu Ahuja, Sr. Analyst, DSCI delivered a session at Department of Telecommunication on ‘Cyber Security- Issues Related to Financial Transactions’. He emphasized on the current threats scenarios based on the recent reports on the cybercrime and the defensive measures to be undertaken in the due course by the organizations.

DSCI NEWS January 2014

5

Cyberlabs Special Training Programs

387 police officials were trained on cybercrime investigation through the standard training programs across the eight cyber labs.

Special sessions on invitation were taken for the following organizations:

Vigilance Study Circle, Bangalore to deliver a session on ‘Cyber Forensics & Cyber Law’

National Law School of India University (NLSIU), Bangalore on ‘Cyber Crime & the Society’

Gurgaon Police on ‘Cyber Crime Investigation – Procedural Aspects’

Thane Police on ‘Overview of cyber crimes & building career in cyber forensics’ at cyber safety 2014

DSCI NEWS January 2014

6

Cnergyis Infotech India Pvt. Ltd GE India Technology Centre Pvt. Ltd. Narus Networks

Fluent India Pvt. Ltd. Karvy Data management Services Limited Cyber Security StudiesResearch Labs

DSCI Corporate Membership is open

Over 650 organizations from IT- BPM, Banking, Telecom, Manufacturing, Security, Consulting and Advisory services are already our members.

New Corporate Members http://www.dsci.in/membership

DSCI NEWS January 2014

7

The right to privacy in the digital ageKamlesh Bajaj, CEO, DSCI

Big Data Analytics: Boon for Security or Bane for privacyAseem Mukhi, Consultant, DSCI

Kinetic impact of exploiting operational technologiesMayank Lau, Consultant, DSCI

Taking down criminal networksMayank Lau, Consultant, DSCI

DSCI Blogs

Data Privacy Day: A Global Effort to Build a Culture of PrivacyMichel Kaiser, Executive Director, National Cyber Security Alliance

DSCI in NewsContributed Articles

DSCI NEWS January 2014

8

Editorial Board

Priti VandanaManager - Marketing & Communications, DSCI

Rahul JainPrincipal Consultant, DSCI

Data Security Council of IndiaNiryat Bhawan, 3rd Floor, Rao Tula Ram Marg,New Delhi - 110057, IndiaPhone: +91-11-26155070, Fax: +91-11-26155071Email: info@dsci.in, Website: www.dsci.in

Follow us on:

About DSCIDSCI is a focal body on data protection in India, set-up as an independent Self Regulatory Organization (SRO) by NASSCOM®, to promote data protection, develop security and privacy best practices & standards and encourage the Indian industries to implement the same.

DSCI is engaged with the Indian IT-BPM industry, their clients worldwide, Banking and Telecom sectors, industry associations, data protection authorities and other government agencies in different countries. It conducts industry wide surveys and publishes reports, organizes data protection awareness seminars, workshops, projects, interactions and other necessary initiatives for outreach and public advocacy. DSCI is focused on capacity building of Law Enforcement Agencies for combating cyber crimes in the country and towards this; it operates several cyber labs across India to train police officers, prosecutors and judicial officers in cyber forensics.

Public Advocacy, Thought Leadership, Awareness and Outreach and Capacity Building are the key words with which DSCI continues to promote and enhance trust in India as a secure global sourcing hub, and promotes data protection in the country.

data-security-council-of-india dsci.connect dsci_connect