Download - DSCI November NL 2013 · PDF fileINDIA – EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS INDIA-EU FTA NEGOTIATIONS Several rounds of discussions were held with the representatives

Transcript
Page 1: DSCI November NL 2013 · PDF fileINDIA – EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS INDIA-EU FTA NEGOTIATIONS Several rounds of discussions were held with the representatives

Our Vision

Our Mission

Our Objectives

Public Advocacy on Data Protection and Cyber Security

Harness data protection as a lever for economic development of India through global integration of practices and standards conforming to various legal regimes.

To create trustworthiness of Indian companies as global sourcing service providers, and to assure clients worldwide that India is a secure destination for outsourcing where privacy and protection of customer data are enshrined in the global best practices followed by the industry.

Thought Leadership through Best Practices and standardsCapacity Building on Security and Privacy Cyber Crime Speedier Trial through training of Law Enforcement Agencies and JudiciaryIndependent Oversight for Assurance & Dispute resolution through ADR towards Self-Regulation

4

4

4

4

4

UPCOMING EVENTS

DSCI NEWS N E W S L E T T E R O F D ATA S E C U R I T Y CO U N C I L O F I N D I A

November - December 2013 Vol. 4 No. 7

DCPLA Training DCPLA Training th7 Batch

Pune, January 8-10, 2014 (by invitation only)

Data Privacy DayJanuary 28, 2014

Data Privacy Day

Page 2: DSCI November NL 2013 · PDF fileINDIA – EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS INDIA-EU FTA NEGOTIATIONS Several rounds of discussions were held with the representatives

INDIA – EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS

INDIA-EU FTA NEGOTIATIONS

Several rounds of discussions were held with the representatives of EFTA countries (Switzerland, Iceland, Leichestien and Norway) on promoting trans-border data flow between EFTA and India under the aegis of Ministry of Commerce. DSCI along with NASSCOM made detailed analysis of current data protection regime in the country, and proposed formulation for easier data flows. Both the sides are engaged with the objective of relaxing restrictions on cross border data flows between the respective regions.

India and EU have appointed an Expert Group comprising experts from both the sides to discuss the findings of the EU Data Adequacy report on Indian data protection regime. With representation from DSCI and NASSCOM, the group will also review the periodic progress made by EU and India on the implementing the recommendations of the Expert Group with the ultimate objective of exploring the possibility of provisional adequacy and specific arrangements for IT/BPM sector. First meeting is proposed in Feb 2014 in Brussels.

DISCUSSIONS WITH US DEPARTMENT OF COMMERCE (DOC) & FEDERAL TRADE COMMISSION

©(FTC) ON DPF & APEC CBPRs

DEVELOPMENT OF COLLABORATIVE PROTECTION PROFILES UNDER CCRA

DSCI is in discussions with DoC and FTC in the US for recognition of ©DPF under the APEC Cross Border Privacy Rules (CBPRs). A

dialogue has been initiated to compare the DPF practices with the APEC CBPRs and also do a detailed study of the data protection regime in India.

On the request of Standardisation Testing and Quality Certification Directorate (STQC), DSCI has invited industry participation for the development of Collaborative Protection Profiles (CPPs) under the Common Criteria Recognition Arrangement (CCRA) for security testing of IT products. A very encouraging response from the industry has been received by DSCI for the development of CPPs for various International Technical Committees (iTC) including - Networks, Mobile, Multi-Functional Printers (MFPs), Applications, OS, USB, Smart Cards, Card Readers, Anti-Virus, Web Apps, Encryption and Cross domain.

©

DSCI NEWS NOVEMBER-DECEMBER 2013

2

DSCI CERTIFICATION PROGRAM- DCPLA TRAINING DSCI organized the sixth batch of DSCI Certified Privacy Lead Assessor (DCPLA) training under the DSCI Training and Certification Program. The training was conducted in Hyderabad from 20-22 November at the Genpact premises. It was attended by 18 participants from Wipro, Dr. Reddy's Laboratory, Deloitte, KPMG, Wellsfargo, Genpact, Broadridge Financial Solutions, Continuity & Resilience and Vodafone.

Page 3: DSCI November NL 2013 · PDF fileINDIA – EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS INDIA-EU FTA NEGOTIATIONS Several rounds of discussions were held with the representatives

BSA on 'Privacy and Security Challenges in Cloud Computing’

Verizon on 'Security Defense Strategies and Technologies'

Trusted Computing Group on 'Trusted Computing’

Cisco on 'Security Strategy for Attack Continuum’

Verizon on 'Dynamic threat landscape with dynamic tech changes, multi-platforms and cloud adoption’

Websense on 'Creating Content And Context Aware Security Framework To Defend Against Zero Day And Targeted Attacks’

Akamai on 'Security Challenges In The Hyperconnected World: Is India Ready?’

Symantec on 'Staying ahead of the security threat curve’

thDSCI organized the 8 edition of its security summit at The Grand, New Delhi on December 10-12, 2013. The Security Summit, one of the biggest annual events on information security that witnessed active participation of over 500 leaders and experts from the security community.

This year the agenda of the summit covered the contemporary trends and evolutions in security and privacy through various sessions, technology insights, keynotes, plenaries, debates, policy deliberations and views of industry experts. It featured over 44 sessions including plenaries, multiple parallel track sessions, breakfast meets and 10 keynote sessions. This year the summit expanded its scope, scale, offerings and opportunities with a special focus on: National Security, Architectural Paths, Policy Governed Systems, Critical Internet Resources, Internet Governance, Criminal Networks, Cyber Warfare, Big Data, Pre-emptive Cyber Strike , Clean Pipe, Operational Technologies, 'Development and Operations(DevOps), Trust Overlay, SIEM, Cyberwar Mercenaries, Privacy in global surveillance, Digital Forensics, Security & Privacy As Career' and amongst others.

NASSCOM-DSCI

ANNUAL INFORMATION SECURITY SUMMIT 2013

Roundtable meetings conducted in association withWorkshops conducted in association with

3

On the sidelines of the summit, DSCI also conducted 3 pre-event workshops, and 5 roundtable meetings focused on contemporary trends and technology evolutions.

Shri Kapil Sibal, Hon'ble Minister of Communications & IT inaugurated the Summit. In his inaugural address he emphasized on the growing security challenges that are emerging in the digital world. He expressed the need for legal framework for global community and asserted that global co-operation is essential to address the security related issues in the cyber world. He also appreciated the efforts DSCI is taking in this direction to sensitize the industry and community on the security and privacy related issues though conducting such events and bringing the stakeholders together.

Page 4: DSCI November NL 2013 · PDF fileINDIA – EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS INDIA-EU FTA NEGOTIATIONS Several rounds of discussions were held with the representatives

NASSCOM-DSCI ANNUAL INFORMATION SECURITY SUMMIT 2013

4

Page 5: DSCI November NL 2013 · PDF fileINDIA – EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS INDIA-EU FTA NEGOTIATIONS Several rounds of discussions were held with the representatives

Over 100 prominent speakers shared their thoughts and experiences on various policy and technology issues. Some of the eminent speakers were: G K Pillai, Former Home Secretary; Shyamal Ghosh, Former Secretary, DoT and Former Chairman, DSCI; Gulshan Rai, DG, Cert-In; Som Mittal, President, NASSCOM; N S Kalsi, Joint Secretary (Police-II), Ministry of Home Affairs; Muktesh Chander, IPS, Joint Commissioner of Police, Delhi Police; M M Oberoi, IPS, IGP, Delhi Police; Vivek Lall, President & CEO, Reliance Industries; Raman Roy, Chairman & MD, Quatrro Global Services; Preeti Das, CEO, Birlasoft; S K Bhalla, Director, National Telecom Training Institute, DoT; Lt Gen (Retd) Aditya Singh, Former Member of the National Security Advisory Board; Vakul Sharma, Advocate, Supreme Court; Amit Sharma, Deputy Director, DRDO; A P Singh, DDG, UIDAI; R R Mittar, DDG, TEC; Kuek Yu-Chuang, VP Asia, ICANN; Vikram Tiwathia, Associate Director General, COAI; Sivarama Krishnan, Partner, PricewaterhouseCoopers Pvt. Ltd; W. Hord Tipton,Executive Director, (ISC)²; S Ramaswamy, ED (IS), IOCL; Vishal Salvi, CISO, HDFC Bank; Anil Nama, CIO, CtrlS Datacenters Ltd; Narayanan Madhavan, Senior Editor, Hindustan Times; Samik Mukherjee, Policy Strategists, Intel; PVS Murthy, Global Head - Governance, Risk & Compliance, TCS; Samir Dutt, Director, Forensics Guru; Aditi Phadnis Mehta, Editor, Business Standard; Arun Mohan Sukumar, Editor, The Hindu and among others .

DSCI in association with ETCIO, an initiative of Economic Times also launched its security portal. Som Mittal, President, NASSCOM launched the portal in presence of T K Arun, Editor, Economic Times and Kamlesh Bajaj, CEO, DSCI. As part of this initiative, DSCI-ETCIO security newsletter will be published weekly capturing latest trends, best practices, analysis, research and happenings in the domain of Security and Privacy.

5

NASSCOM-DSCI ANNUAL INFORMATION SECURITY SUMMIT 2013

Page 6: DSCI November NL 2013 · PDF fileINDIA – EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS INDIA-EU FTA NEGOTIATIONS Several rounds of discussions were held with the representatives

DSCI Excellence Awards 2013 continued to be an integral part of the Summit. Both the corporate and law-enforcement awards were presented together. The awards to the winners were felicitated by Shri. GK Pillai, Former Home Secretary, Government of India in the presence of Som Mittal, President, NASSCOM; Kamlesh Bajaj, CEO, DSCI.

The jury members for the corporate segment included Ganesh Natarajan, Vice Chairman & CEO of Zensar Technologies; B. Sambamurthy, Director, IDRBT; Kersi Tavadia, CIO, BSE Limited; Prof. M.P. Gupta, Department of Management Studies, IIT Delhi and law enforcement segment included Loknath Behera, IG, Bureau of Police Research & Development (BPR&D), Ministry of Home Affairs; Pratap Reddy, IPS, IGP, Western Range, Karnataka; Nandkumar Saravade, Advisor, Assurance, Ernst & Young LLP; and Vakul Sharma, Advocate Supreme Court..

PricewaterhouseCoopers (PwC) was the process partner for the awards.

This year, 65 nominations were received in the corporate segment, and 14 nominations in the law enforcement segment. The latter includes India Cyber Cop of the Year and Excellence in Capacity Building of LEAs.

DSCI EXCELLENCE AWARDS 2013

2013

6

“ “With the threat environment getting worse and increasing dependency on the cyberspace, the significance of the security preparedness becomes a foremost concern in any organization. The organizations in India have been adopting latest security practices and technologies to safeguard against the vulnerabilities and evolving threats. DSCI Excellence Awards is an endeavor to recognize, honor and reward these organizations and individuals who have implemented strong, effective and resilient security programs to help the organizations address real risks, build resilience, increase trustworthiness and create a conducive environment for doing business. I congratulate all the winners of the DSCI Excellence Awards 2013.

Kamlesh Bajaj, CEO, DSCI

Page 7: DSCI November NL 2013 · PDF fileINDIA – EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS INDIA-EU FTA NEGOTIATIONS Several rounds of discussions were held with the representatives

DSCI EXCELLENCE AWARDS 2013

Winners of the DSCI Excellence Awards 2013

DSCI Excellence Awards for Security

DSCI Excellence Award for Privacy

DSCI Excellence Award to Information Security Product Company

DSCI Excellence Award: Security Leader of the Year, supported by RSA

DSCI Excellence Award: Privacy Leader of the Year Award

4Security in Bank: HDFC Bank Ltd.Security in Telecom: Reliance CommunicationsSecurity in e-Governance: UIDAISecurity in e-Commerce: Ibibo Web Pvt. Ltd. (B2C) and National Payments Corporation of India (B2B)Security in IT Services - Large: Polaris Financial Technology Ltd.Security in IT Services - SME: Broadridge Financial Solutions (India) Private Ltd.Security in BPM - Large: Genpact Ltd.Security in BPM - SME: Quatrro Global Services Pvt. Ltd

4 4 4

4 4

4 4

4 Bharti Airtel Ltd.

4 Cyberoam Technologies Pvt Ltd.

4 Arun Kumar Anand, NIIT Technologies Ltd. (IT Sector)

4 Raja Vijay Kumar Adapa, Genpact Ltd. (BPM Sector)

4 Shanmugasundaram Ramasamy, Indian Oil Corporation Ltd. (Energy Sector)

4 Sharad Sadadekar, HDFC Life Insurance Co. Ltd. (Financial Sector)

4 Vishal Salvi, HDFC Bank Ltd (Banking Sector)

Burgess Cooper, Vodafone India Ltd.

DSCI Excellence Award for Capacity Building of Law Enforcement Agencies

DSCI Excellence Award: India Cyber Cop of the Year

4

4

Central Bureau of Investigation (CBI)

Suresh Kumar, Police Inspector, Cyber Crime Cell Haryana, Gurgaon Police

W I N N E R S

LAW ENFORCEMENT SEGMENT

CORPORATE SEGMENT

7

Page 8: DSCI November NL 2013 · PDF fileINDIA – EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS INDIA-EU FTA NEGOTIATIONS Several rounds of discussions were held with the representatives

MEETING WITH ISRAELI DELEGATION

INDIA-CANADA BILATERAL MEETING

MEETING WITH IAPP OFFICIALS

DSCI-DELTAPROACTIVE ROUNDTABLE MEETING

DSCI convened a meeting with Israeli delegation led by Nimrod Kozlovski, Head of Jerusalem Venture Partners (JVP) Cyber Labs and the Indian cyber security product and services companies to explore the possibilities of funding from the JVP-India partnership. The meeting also focused on apprising the delegation on the business offerings of the Indian cyber security product and services companies.

DSCI through DeitY was part of Indian delegation in the India-Canada Bilateral Meeting on Information and Communication Technology and Electronics (ICTE). DSCI apprised the delegation on its role as focal body on data protection in India. It also briefed the delegation on DSCI work in the areas of public advocacy and thought leadership in different domains namely Privacy, Security and Internet Governance. The Canadian delegation has also invited DSCI to be part of Indian delegation in further rounds of discussions with an objective to increase Industry-Industry and Government -Industry interaction and co-operation.

A meeting was held with International Association of Privacy Professionals (IAPP) officials to explore the possibilities of establishing working relationship between DSCI and IAPP, especially in the context of training and certification program started by DSCI. Both the sides will continue to engage in near future to explore the possibilities of collaboration in the area of capacity building in privacy domain.

DSCI conducted a roundtable meeting on 'Security 2020' in association with DeltaProactive in Mumbai. The meeting focused on technology and business trends, privacy aspects, service models, governance technologies which will shape security in 2020. It also focused on the challenges which can emerge due to technological innovations including-3D printing, augmentation technologies, intuitive information management systems, life helping/correcting information delivery, super artificial Intelligence, virtual interfaces and many more.

Vinayak Godse, Director-Data Protection, DSCI; Anshul Abhang, CEO & MD, Delta Proactive; and Uma Shankar, Consultant, IBM highlighted the above key points with the security professionals from Banking, IT/BPM, Financial Services and Telecom participating the meeting.

Kamlesh Bajaj, CEO, DSCI participated in the World Cyber Security Summit in San Francisco, USA conducted by EastWest Institute. He was invited to speak in the panel on "Diplomatic Strategies" and "Success story and Way forward". He underlined the following points in his presentation :

4The Internet has limited the powers of governments to perform the functions of national security, safety of citizens, and regulation of economic activities.

4Democratization of communication has taken place through social media but the freedom of expression and privacy issues are dominating the global discussion on cyberspace.

4Internet Governance currently under the control of the US Government has to be made open, and laws applicable in the cyberspace have to be agreed upon in the interest of the national security of other countries.

4US NSA surveillance of the Internet has highlighted the need for urgent action on Internet Governance.

4Need to lay down International rules to regulate cyber behavior and establish effective means to solve urgent problems related to users and terrorists.

Cyber Security Mock Drill organized by CERT-In concluded in December. This year the drill focused on organizations that manage Data Centres and provide Cloud Services. DSCI facilitated participation of 23 organizations in the mock drill exercise.

TH4 WORLDWIDE CYBERSPACE COOPERATION SUMMIT FRANCISCO, USA

CYBER SECURITY MOCK DRILL

DSCI NEWS

8

NOVEMBER-DECEMBER 2013

Page 9: DSCI November NL 2013 · PDF fileINDIA – EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS INDIA-EU FTA NEGOTIATIONS Several rounds of discussions were held with the representatives

DSCI NEWS

VODAFONE GLOBAL PRIVACY SUMMIT

INFORMATION SECURITY SUMMIT, DELL INDIA

QUALITY TECH TALK EVENT AT HP

Vodafone Global Privacy Summit themed 'Privacy as a brand differentiator' was organized at Vodafone headquarters in Mumbai. Rahul Jain, Principal Consultant, DSCI participated in the summit and presented his views on the data protection regime in India. He

©apprised the audience on the DSCI Privacy Framework (DPF ) and the assessment ecosystem which DSCI is creating around it. The DSCI Privacy Certification is expected to be leveraged by organizations to project privacy protection as a market differentiator.

Dell India organized an Information Security Summit in Bangalore. Rahul Jain, Principal Consultant, DSCI participated in the summit and apprised the audience on the global and national issues and developments in the cyber security and privacy. The summit was attended by Dell India executives including the senior leadership.

HP celebrated World Quality Month (November) in HP Campus, Bangalore. Rahul Sharma, Consultant, DSCI, presented a talk on the privacy landscape in India and global developments around privacy. He apprised the audience on the DSCI Privacy Framework

©(DPF ) and the assessment ecosystem and how DSCI is trying to alleviate privacy baseline through capacity building by creating training & certification programs for organizations & individuals. The event was attended by over 200 HP India executives including the senior leadership team, program & project managers, leaders from HP's other entities and domains.

CYBER LABS SPECIAL TRAINING PROGRAM

4580 police officials were trained on cybercrime investigation through the standard training programs across eight cyber labs.

4193 personnel trained through short courses conducted on the 'Effective usages of Internet' and 'Overview of Cyber Crimes & Cyber Law’

Special sessions on invitation were taken for the following organizations:

4National Law School of India University, Bangalore on 'Cyber Crimes-The Technical perspective' and 'Digital Evidence & its handling' in November and December respectively.

4CBI Academy Ghaziabad on 'Cyber Crime Investigation & Computer Forensics' for Sri Lankan Police Officers

NOVEMBER-DECEMBER 2013

9

Page 10: DSCI November NL 2013 · PDF fileINDIA – EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS INDIA-EU FTA NEGOTIATIONS Several rounds of discussions were held with the representatives

DSCI NEWS

10

New Corporate Members 4Cyberoam Technologies Pvt Ltd 4eCore-Agile Security Services Pvt Ltd 4Honcho Commercial Pvt Ltd

4Manipal Global Education Services Pvt Ltd 4Narus Networks 4Nevis Networks India Pvt Ltd

4Panoramic Universal Ltd 4Reliance Communications 4SDG Software India Pvt Ltd

Over 650 organizations from IT/BPO, Banking, Telecom, Manufacturing, Security, Consulting and Advisory services are already our members.

DSCI Corporate Membership is openhttp://www.dsci.in/membership

NOVEMBER-DECEMBER 2013

Benefits to DSCI Member Companies

Page 11: DSCI November NL 2013 · PDF fileINDIA – EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS INDIA-EU FTA NEGOTIATIONS Several rounds of discussions were held with the representatives

DSCI NEWS

11

NOVEMBER-DECEMBER 2013

DSCI in News

Some countries involved in cyber crime The Economic Times (Hindi)

Some nations are indulging in cybercrime: Kapil Sibal Dainik Jagran

Global Cooperation Essential for Cyber Security: Sibal CXO Today

NASSCOM-DSCI 8th Annual Information

Security Summit opens today in New DelhiInformation week

Gurgaon officer gets Cyber Cop of Year award Business Standard

Cyber cell awarded for data securityTimes of India

Honour for Pune police cyber crime cell Indian Express

Some nations indulging in cybercrime, says Kapil Sibal Mint

Sibal warns of increased cyber security threat Governance Now

NASSCOM-DSCI 8th annual Information

Security Summit opens today

CIOL

ETCIO.com, DSCI launches Security Initiative ETCIO.Com

Many countries include in cyber crime Navbharat Times

Page 12: DSCI November NL 2013 · PDF fileINDIA – EUROPEAN FREE TRADE ASSOCIATION (EFTA) NEGOTIATIONS INDIA-EU FTA NEGOTIATIONS Several rounds of discussions were held with the representatives

DSCI is a focal body on data protection in India, set-up as an independent Self Regulatory Organization (SRO) by NASSCOM®, to promote data protection, develop security and privacy best practices & standards and encourage the Indian industries to implement the same.

DSCI is engaged with the Indian IT/BPO industry, their clients worldwide, Banking and Telecom sectors, industry associations, data protection authorities and other government agencies in different countries. It conducts industry wide surveys and publishes reports, organizes data protection awareness seminars, workshops, projects, interactions and other necessary initiatives for outreach and public advocacy. DSCI is focused on capacity building of Law Enforcement Agencies for combating cyber crimes in the country and towards this; it operates several cyber labs across India to train police officers, prosecutors and judicial officers in cyber forensics. Public Advocacy, Thought Leadership, Awareness and Outreach and Capacity Building are the key words with which DSCI continues to promote and enhance trust in India as a secure global sourcing hub, and promotes data protection in the country.

About DSCI

Priti VandanaManager - Marketing & Communications, DSCI

Rahul JainPrincipal Consultant, DSCI

Data Security Council of India Niryat Bhawan, 3rd Floor, Rao Tula Ram Marg,New Delhi - 110057, IndiaPhone: +91-11-26155070, Fax: +91-11-26155071Email: [email protected], Website:

Editorial Board

www.dsci.in

http://www.linkedin.com/groups?gid=1846736&trk=hb_side_g

http://twitter.com/DSCI_CONNECT

http://www.facebook.com/DSCI.CONNECT

DSCI NEWS NOVEMBER-DECEMBER 2013

12