Your SlideShare is downloading. ×
SecureIT 2014 - Inaugural - Dr Shefali Dash, Director General, National Informatics Centre (NIC)
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.


Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

SecureIT 2014 - Inaugural - Dr Shefali Dash, Director General, National Informatics Centre (NIC)


Published on

SecureIT 2014 - Inaugural - Dr Shefali Dash, Director General, National Informatics Centre (NIC)

SecureIT 2014 - Inaugural - Dr Shefali Dash, Director General, National Informatics Centre (NIC)

Published in: Education

1 Like
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide
  • Protection of critical infrastructure, the DNS infrastructure in the country, attack on DNS can severely affect the entire ICT infrastucture.Proctection of supply chain, the components used in the infrastructure are also safe, like the components of router is malware free.
  • Most of the critical infrastructure are operated by Govt.Telecom Network is operated by private players also, like Airtel
  • Like telecom network, where private parties are in play, PPP model can work for security it.In sensitive areas, like nuclear, regulatory approach
  • Transcript

    • 1. Draft Strictly Private and Confidential March 12, 2014
    • 2. • Cyber attacks have increased in both volume and sophistication. • Cyber Security is perceived as one of the most serious economic and national security challenges we face as a nation. • How effectively industry and Government work together toward the common goal of securing cyberspace will ultimately impact  how secure we will be and  the degree to which society continues to reap the benefits of living in Digital Age Cyber Security • 4
    • 3. • The increased integration of Information and Communications Technology (ICT) into the daily activities of industries, Governments, families and consumers – along with the corresponding growth of cyberspace – has been a major driver of economic growth and productivity. • Cyberspace has created unprecedented opportunities for economic growth, it has also created unprecedented opportunities for bad actors. ICT Infrastructure & Society • 3
    • 4. Components • 5 Critical IT Infrastructure eGovernance Infrastructure Individual desktops/ electronic devices Information in Industry Infrastructure SECURITY
    • 5. Essential components to protect ICT infrastructure from attacks:  Significant investments in security from both operators and ICT vendors,  Strong network management,  Implementation of best practices and techniques, and  Voluntary coordination and compliance Protection • 5
    • 6. Challenges • 6 Protection of critical infrastructure Need for professional manpower Effective and dynamic coordination mechanism that caters to electricity, air traffic control, financial markets and Government computer networks in each of the institutions who are part of national cyber security infrastructure. among the institutions in protecting the Indian cyberspace, to synergize the efforts in a cohesive manner, so that the national cyber space remains secure.
    • 7. Challenges • 7 Exploring the feasibility of effective public- private sector cooperation Facility to engage professionals for the Government sector to join hands with the private sector with a common objective of securing the common cyber space. at responsible posts to harness the best talent which is available in the younger generation
    • 8. Challenges • 8 Developing indigenous technology Strengthening of legal framework to support the efforts by various elements of the structure, with adequate R&D investment and product certification facility. to deter, respond to and prosecute cybercriminals Partnering with end users to achieve security (down to the level of common people availing different services)
    • 9. The key for improving cyber security is to strengthen the broader cyber ecosystem that  enables rapid information sharing,  enhances public private partnerships, and  provides sufficient investment to address current and emerging threats. Way Forward • 9
    • 10. • Dedicated Cyber Security Group as part of its common ICT infrastructure for e-Governance. • Dedicated and experienced team of cyber security professionals covering the areas of Network security, Application security, Malware Analysis and other emerging areas. Measures taken by NIC • 10
    • 11. • Deployment of necessary technical security controls covering network, applications, data centre and end users. • Network firewalls & Unified Threat Management systems at gateway points to limit unauthorised access. Measures taken by NIC • 11 • Intrusion Prevention Systems to detect & prevent cyber attacks. • Anti-virus solutions to prevent virus/malware attacks.
    • 12. • Application Firewalls to provide extra layer of security against application level attacks. • Security Information & Event Management Systems to collect/analyze/correlate security events to identify intrusion attempts in real-time. • 24x7 Security Operations Centre to monitor & remediate attack attempts. Measures taken by NIC • 12
    • 13. • NIC has developed necessary policies/procedures/ guidelines including "Cyber Security Policy for Government of India". • All applications are security audited & certified prior to hosting in the NIC Data Centres and thereafter routinely checked to assess the security posture. • Network security audit is carried for cyber assets deployed in critical Ministries/Bhawans. • Advanced malwares are analysed and the analysis results are used to sanitize NIC security controls. Measures taken by NIC • 13
    • 14. • NIC follows policies/guidelines set by other agencies as well as contributes to development of these policies. • NIC’s Cyber Security Group contributes to achieve the Governments' vision on making the cyber space safe  by implementing necessary steps in areas including Technology, Processes and People Measures taken by NIC • 14
    • 15. Capacity Building • 15 • To effectively monitor, detect and respond to newer attacks. Continuous Technology Upgradation • to enhance the policy compliance through measures like awareness/training. End Users to be further sensitized • Existing professionals needs to be trained in emerging areas and young blood should be injected into the team. Retaining Experienced Cyber Security Manpower
    • 16. • Nearly every aspect of citizens’ daily life has been considerably transformed by the Information Revolution. • A trusted and resilient digital infrastructure that can withstand attacks would provide a platform for innovation and prosperity, the benefits of which could be reaped by the common man at the grass root level. • Due-diligence to be done to address safety in cyber space, including both proactive and reactive measures. Conclusion • 16
    • 17. Thank You... Dr. Shefali Dash Director General National Informatics Centre Government of India e-mail:• 17