Our Vision

Our Mission

Our Objectives

Public Advocacy on Data Protection and Cyber Security

Harness data protection as a lever for economic development of India through global integration of practices and standards conforming to various legal regimes.

To create trustworthiness of Indian companies as global sourcing service providers, and to assure clients worldwide that India is a secure destination for outsourcing where privacy and protection of customer data are enshrined in the global best practices followed by the industry.

Thought Leadership through Best Practices and standardsCapacity Building on Security and Privacy Cyber Crime Speedier Trial through training of Law Enforcement Agencies and JudiciaryIndependent Oversight for Assurance & Dispute resolution through ADR towards Self-Regulation

4

4

4

4

4

UPCOMING EVENTS

DSCI NEWS N E W S L E T T E R O F D ATA S E C U R I T Y CO U N C I L O F I N D I A

November - December 2013 Vol. 4 No. 7

DCPLA Training DCPLA Training th7 Batch Pune, January 8-10, 2014

(by invitation only)

Data Privacy DayJanuary 28, 2014

Data Privacy Day

INDIA EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS

INDIA-EU FTA NEGOTIATIONS

Several rounds of discussions were held with the representatives of EFTA countries (Switzerland, Iceland, Leichestien and Norway) on promoting trans-border data flow between EFTA and India under the aegis of Ministry of Commerce. DSCI along with NASSCOM made detailed analysis of current data protection regime in the country, and proposed formulation for easier data flows. Both the sides are engaged with the objective of relaxing restrictions on cross border data flows between the respective regions.

India and EU have appointed an Expert Group comprising experts from both the sides to discuss the findings of the EU Data Adequacy report on Indian data protection regime. With representation from DSCI and NASSCOM, the group will also review the periodic progress made by EU and India on the implementing the recommendations of the Expert Group with the ultimate objective of exploring the possibility of provisional adequacy and specific arrangements for IT/BPM sector. First meeting is proposed in Feb 2014 in Brussels.

DISCUSSIONS WITH US DEPARTMENT OF COMMERCE (DOC) & FEDERAL TRADE COMMISSION

(FTC) ON DPF & APEC CBPRs

DEVELOPMENT OF COLLABORATIVE PROTECTION PROFILES UNDER CCRA

DSCI is in discussions with DoC and FTC in the US for recognition of DPF under the APEC Cross Border Privacy Rules (CBPRs). A

dialogue has been initiated to compare the DPF practices with the APEC CBPRs and also do a detailed study of the data protection regime in India.

On the request of Standardisation Testing and Quality Certification Directorate (STQC), DSCI has invited industry participation for the development of Collaborative Protection Profiles (CPPs) under the Common Criteria Recognition Arrangement (CCRA) for security testing of IT products. A very encouraging response from the industry has been received by DSCI for the development of CPPs for various International Technical Committees (iTC) including - Networks, Mobile, Multi-Functional Printers (MFPs), Applications, OS, USB, Smart Cards, Card Readers, Anti-Virus, Web Apps, Encryption and Cross domain.

DSCI NEWS NOVEMBER-DECEMBER 2013

2

DSCI CERTIFICATION PROGRAM- DCPLA TRAINING DSCI organized the sixth batch of DSCI Certified Privacy Lead Assessor (DCPLA) training under the DSCI Training and Certification Program. The training was conducted in Hyderabad from 20-22 November at the Genpact premises. It was attended by 18 participants from Wipro, Dr. Reddy's Laboratory, Deloitte, KPMG, Wellsfargo, Genpact, Broadridge Financial Solutions, Continuity & Resilience and Vodafone.

BSA on 'Privacy and Security Challenges in Cloud Computing

Verizon on 'Security Defense Strategies and Technologies'

Trusted Computing Group on 'Trusted Computing

Cisco on 'Security Strategy for Attack Continuum

Verizon on 'Dynamic threat landscape with dynamic tech changes, multi-platforms and cloud adoption

Websense on 'Creating Content And Context Aware Security Framework To Defend Against Zero Day And Targeted Attacks

Akamai on 'Security Challenges In The Hyperconnected World: Is India Ready?

Symantec on 'Staying ahead of the security threat curve

thDSCI organized the 8 edition of its security summit at The Grand, New Delhi on December 10-12, 2013. The Security Summit, one of the biggest annual events on information security that witnessed active participation of over 500 leaders and experts from the security community.

This year the agenda of the summit covered the contemporary trends and evolutions in security and privacy through various sessions, technology insights, keynotes, plenaries, debates, policy deliberations and views of industry experts. It featured over 44 sessions including plenaries, multiple parallel track sessions, breakfast meets and 10 keynote sessions. This year the summit expanded its scope, scale, offerings and opportunities with a special focus on: National Security, Architectural Paths, Policy Governed Systems, Critical Internet Resources, Internet Governance, Criminal Networks, Cyber Warfare, Big Data, Pre-emptive Cyber Strike , Clean Pipe, Operational Technologies, 'Development and Operations(DevOps), Trust Overlay, SIEM, Cyberwar Mercenaries, Privacy in global surveillance, Digital Forensics, Security & Privacy As Career' and amongst others.

NASSCOM-DSCI ANNUAL INFORMATION SECURITY SUMMIT 2013

Roundtable meetings conducted in association withWorkshops conducted in association with

3

On the sidelines of the summit, DSCI also conducted 3 pre-event workshops, and 5 roundtable meetings focused on contemporary trends and technology evolutions.

Shri Kapil Sibal, Hon'ble Minister of Communications & IT inaugurated the Summit. In his inaugural address he emphasized on the growing security challenges that are emerging in the digital world. He expressed the need for legal framework for global community and asserted that global co-operation is essential to address the security related issues in the cyber world. He also appreciated the efforts DSCI is taking in this direction to sensitize the industry and community on the security and privacy related issues though conducting such events and bringing the stakeholders together.

NASSCOM-DSCI ANNUAL INFORMATION SECURITY SUMMIT 2013

4

Over 100 prominent speakers shared their thoughts and experiences on various policy and technology issues. Some of the eminent speakers were: G K Pillai, Former Home Secretary; Shyamal Ghosh, Former Secretary, DoT and Former Chairman, DSCI; Gulshan Rai, DG, Cert-In; Som Mittal, President, NASSCOM; N S Kalsi, Joint Secretary (Police-II), Ministry of Home Affairs; Muktesh Chander, IPS, Joint Commissioner of Police, Delhi Police; M M Oberoi, IPS, IGP, Delhi Police; Vivek Lall, President & CEO, Reliance Industries; Raman Roy, Chairman & MD, Quatrro Global Services; Preeti Das, CEO, Birlasoft; S K Bhalla, Director, National Telecom Training Institute, DoT; Lt Gen (Retd) Aditya Singh, Former Member of the National Security Advisory Board; Vakul Sharma, Advocate, Supreme Court; Amit Sharma, Deputy Director, DRDO; A P Singh, DDG, UIDAI; R R Mittar, DDG, TEC; Kuek Yu-Chuang, VP Asia, ICANN; Vikram Tiwathia, Associate Director General, COAI; Sivarama Krishnan, Partner, PricewaterhouseCoopers Pvt. Ltd; W. Hord Tipton,Executive Director, (ISC); S Ramaswamy, ED (IS), IOCL; Vishal Salvi, CISO, HDFC Bank; Anil Nama, CIO, CtrlS Datacenters Ltd; Narayanan Madhavan, Senior Editor, Hindustan Times; Samik Mukherjee, Policy Strategists, Intel; PVS Murthy, Global Head - Governance, Risk & Compliance, TCS; Samir Dutt, Director, Forensics Guru; Aditi Phadnis Mehta, Editor, Business Standard; Arun Mohan Sukumar, Editor, The Hindu and among others .

DSCI in association with ETCIO, an initiative of Economic Times also launched its security portal. Som Mittal, President, NASSCOM launched the portal in presence of T K Arun, Editor, Economic Times and Kamlesh Bajaj, CEO, DSCI. As part of this initiative, DSCI-ETCIO security newsletter will be published weekly capturing latest trends, best practices, analysis, research and happenings in the domain of Security and Privacy.

5

NASSCOM-DSCI ANNUAL INFORMATION SECURITY SUMMIT 2013

DSCI Excellence Awards 2013 continued to be an integral part of the Summit. Both the corporate and law-enforcement awards were presented together. The awards to the winners were felicitated by Shri. GK Pillai, Former Home Secretary, Government of India in the presence of Som Mittal, President, NASSCOM; Kamlesh Bajaj, CEO, DSCI.

The jury members for the corporate segment included Ganesh Natarajan, Vice Chairman & CEO of Zensar Technologies; B. Sambamurthy, Director, IDRBT; Kersi Tavadia, CIO, BSE Limited; Prof. M.P. Gupta, Department of Management Studies, IIT Delhi and law enforcement segment included Loknath Behera, IG, Bureau of Police Research & Development (BPR&D), Ministry of Home Affairs; Pratap Reddy, IPS, IGP, Western Range, Karnataka; Nandkumar Saravade, Advisor, Assurance, Ernst & Young LLP; and Vakul Sharma, Advocate Supreme Court..

PricewaterhouseCoopers (PwC) was the process partner for the awards.

This year, 65 nominations were received in the corporate segment, and 14 nominations in the law enforcement segment. The latter includes India Cyber Cop of the Year and Excellence in Capacity Building of LEAs.

DSCI EXCELLENCE AWARDS 2013

2013

6

With the threat environment get