“The IT (Amendment Act, 2008 (ITAA 2008) is on a sound footing. A strong data protection regime requires that cyber crimes such as identity theft, phising, data leakage, cyber terrorism, child pornography etc. be covered to ensure data security and data privacy, said Dr. Kamlesh Bajaj, CEO, Data Security Council of India (DSCI) in his welcome address at DSCI’s Best Practices Meet 2011 in Bengaluru on Tuesday.
“The Indian IT (Amendment Act, 2008 (ITAA 2008) has indeed established a strong protection regime in India. It also provides for security of critical infrastructure, by terming such cyber attacks as cyber terrorism; and for establishing a nation encryption policy for data security. ITAA 2008 thus enhances trustworthiness of cyberspace,” Dr. Bajaj added.
Best Practices Meet
DSCI, a NASSCOM initiative, organized its third DSCI Best Practices Meet for Data Protection focussed on ‘Promoting Dialogue for Building an Ecosystem for Data Protection’.
This year’s meet specifically focussed on the regulatory environment – rules under section 43A and 79 of the IT (Amendment) Act, 2008 and its implications on business and privacy ecosystem in India; the new landscape – the cloud – and security and privacy as important challenges to the adoption of cloud computing; and the current trends in security practices being followed in specific disciplines like threat and vulnerability management, application security and user access and privilege management.
DSCI presented its experience of taking the Security and Privacy Framework (DPF) to the industry, and took a deep dive in some of the important security disciplines.
Ensuring Data Protection
The meet also featured the release of the study on insider threat – ‘The Threat Within’ – developed by DSCI and Pricewaterhouse Coopers. The study is based on a survey of service provider organisations and client organisations and highlights some interesting findings, reflecting the perspectives of both the service providers and clients.
Krishnakumar Natrajan, CEO& MD, Mindtree, in his inaugural address drew the attention to the fact that Indian IT solutions providers are now performing core functions for their clients and how to create an environment of data protection to make an organization more global in its approach. He said, “Through public advocacy, assessments and frameworks, India will further enhance its status as a preferred provider of IT services.”
Manoj Chugh, president-India & Saarc, EMC Corporation presented the theme address and traced the evolution of practices deployed for data security and privacy. He outlined the changing threat landscape, persistence of attacks and emphasized the need for aligning security practices with the business objectives and organizational strategy.
Dr. Kamlesh Bajaj, said, “India features high on sound data protection practices and with the announcement of Rules under section 43A and 79 of the IT (Amendment) Act 2008, data protection regime has been completely defined. It is interesting to note that these rules define privacy principles along with what constitutes reasonable security practices. The meet highlighted the best practices that would provide organizations the methodologies to develop efficient compliance culture in organisations and business continuity models based on DSCI frameworks.”
The DSCI Best Practices Meet witnessed participation of over 300 senior level professionals from services providers as well as users community from industry verticals like IT/BPO, banking, telecom and government entities. The panel discussions on the topics ranging from IT (Amendment) Act, 2008, challenges in cloud computing, and on various disciplines of data security and privacy focussed on the ways of addressing the challenges faced by the service providers and clients. The discussions offered a 3600 view to build an efficient ecosystem for data protection in the country.
