Business Risks / Data Security
imperative for GICs
Risks – Structural and External Factors
Socio-political Industry on
treadmill
Customer
viewpoint
Concentration Vs
Competit...
GIC Specific Risks
Global
Leadership
Executive
Sponsorship
Operating
Model
Evolution
24-Apr-14 3
A NASSCOM®
Initiative
Managing the affairs of Security
and Privacy
A NASSCOM®
InitiativeA NASSCOM®
Initiative
Security and Privacy Affairs: Current State
National cyber security framework
N...
A NASSCOM®
Initiative
Security and Privacy Affairs: Issues & challenges
• Security attacks & threat vectors are targeted, ...
A NASSCOM®
Initiative
Awareness
Events, Seminars, Trainings, Workshops
Privacy Day- 28th Jan| 6 Meetings | Privacy Message...
Upcoming SlideShare
Loading in...5
×

NASSCOM GIC Conclave 2014 - Managing affairs of security and privacy in cross-border data flow - Som Mittal, Former Chairman and President, NASSCOM

397

Published on

Published in: Business, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
397
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
50
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

NASSCOM GIC Conclave 2014 - Managing affairs of security and privacy in cross-border data flow - Som Mittal, Former Chairman and President, NASSCOM

  1. 1. Business Risks / Data Security imperative for GICs
  2. 2. Risks – Structural and External Factors Socio-political Industry on treadmill Customer viewpoint Concentration Vs Competition Global Vs International Industry structure Input resources • USD 100 billion industry; 3 million direct employment; Largest export sector • Diversified structure; Constant growth over 2 decades 24-Apr-14 Cyber security Technology disruptions Each of us need to assess our specific situation 2
  3. 3. GIC Specific Risks Global Leadership Executive Sponsorship Operating Model Evolution 24-Apr-14 3
  4. 4. A NASSCOM® Initiative Managing the affairs of Security and Privacy
  5. 5. A NASSCOM® InitiativeA NASSCOM® Initiative Security and Privacy Affairs: Current State National cyber security framework National cyber security policy Information Technology Act, 2000 & 2008 India CERT- advisories, drills & incidents Information Security Education & Awareness NCIIPC- Critical Infrastructure Protection Privacy rules notification under section 43 A New privacy law in making SecurityPrivacy Government Industry level- NASSCOM & DSCI Setting up DSCI for focused attention Engage in public policies & law making Negotiation for data transfers & market access Education- seminars, workshops & events Community building- DSCI chapters Cyber labs- building capacity of LEAs Export of security products & services NASSCOM Skill Registry Organization- IT, BPM, GICs Implementation of global standards Experience & learning from serving 90+ countries Security products & services Cloud computing Internet Governance Encryption Intermediaries Policies
  6. 6. A NASSCOM® Initiative Security and Privacy Affairs: Issues & challenges • Security attacks & threat vectors are targeted, advanced and persistent- data, IPR as well as personal, remained as the key target • Rising up the value chain exposes organizations to the increasing quantum and complexity of data, giving huge incentives to the threats, both external & insider • Supply chain of ICT products & services on the one hand becoming more complex, on the other hand security concerns around it fostering protectionist ideas • Cyber security demands action well beyond the own requirements of organization. Hence, compliance regulations are becoming increasingly stringent • Privacy is proving an important detrimental factor in the global flow of data, introducing restrictions & conditions, affecting top line growth & adding bottom-line cost • Global expectations on the data protection are rising, putting more responsibility and liability on the businesses • Conflict of the global requirements & domestic need is leading to non-homogeneous implementation of security & privacy standards, challenging global product architectures & service models • Law enforcement agencies may not be equipped to handle data breaches & cyber crimes, raising doubts on the ability to resolve security incidents
  7. 7. A NASSCOM® Initiative Awareness Events, Seminars, Trainings, Workshops Privacy Day- 28th Jan| 6 Meetings | Privacy Messages Desktop Theme |240,000 employees Network Corporate Members , Chapters Chapters | 10 chapters | security & privacy professionals Chapter Members| More than 1500 Public Advocacy Govt of India, International Regulatory Bodies NSCS | DeitY| DOT| MHA | MOC | EU | FTC | MEA Intermediaries| Privacy Law | Trade Negotiations – EU | Cloud Policy |Internet Governance Security & Privacy Practices DSCI & NASSCOM members , Domestic Industry Frameworks Security (DSF) | Privacy (DPF) |Assessment (DAF) Data Security Council of India Cyber Crime Investigation Law Enforcement, Judiciary, Security Agencies Cyber Labs 8 Labs (Thn, Mum, Blr, Chn, Hyd, Pne, Hyr, Kol) Training | 200-300 per month | more than 30000 MoU with CBI | Advanced courses Cyber Labs| Investigation Manual| Investigation Support Thought leadership -Study & Research Industry trends, challenges, practices | Policy Matters Securing cyber frontiers | Reference architecture | Security in Government Procurement | Surveys | FAQs Survey| Focused Study| Position papers Members | NASSCOM & Non- NASSCOM | Services DSCI Members| Total 700+ & NASSCOM Annual Summit | Best Practices Seminar | DSCI Awards Collaboration Academic, Government, industry, Professional Bodies , Content| Policies |Program| Training | Workshops CMU – Cloud computing measurement index (ISC)2 & SANS – core security training & workshops IITD, FMS, Open Group, GISFI Data Security Council of India Professional Certification Privacy | Security | Forensics DSCI Privacy Lead Assessor (DCPLA)- 200+ certified DCPP- Privacy Professionals, scheduled to launch in July CCFP- helped (ISC)2 develop forensic certification
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×