SlideShare a Scribd company logo
NATIONAL CYBER
SECURITY POLICY - 2013
SANTOSH KAHDASRE
PREAMBLE
SANTOSH KHADSARE 2
Complex environment of integrations between people,
software and services
Common pool used by citizens, businesses , critical
information infrastructure ,military and groups
Vulnerable to a wide range of incidents, whether intentional
or accidental, manmade or natural, and the info can be
exploited by both nation states and non state actors
SANTOSH KHADSARE 3
CYBERSPACE IS…..
Caters to the whole spectrum of ICT users and
providers and is an evolving process
IT SERVES AS AN UMBRELLA FRAMEWORK FOR
DEFINING AND GUIDING THE ACTIONS RELATED
TO SECURITY OF CYBER SPACE
It also enables the individual sectors and org in
designing appropriate cyber security polices to suit
their needs
SANTOSH KHADSARE 4
CYBER SECURITY POLICY
TO BUILD A SECURE AND RESILIENT
CYBERSPACE FOR CITIZENS,
BUSINESSES AND GOVERNMENT
SANTOSH KHADSARE 5
VISION
SANTOSH KHADSARE 6
MISSION
SANTOSH KHADSARE 7
OBJECTIVES
Create a secure
cyber ecosystem
Create an assurance
framework
Strengthen the
regulatory
framework
Enhance and create
national and
sectorial level 24x7
mechanisms for
info gathering
Enhance protection
and resilience of CII
by operating 24x7
NCIIPC
Develop indigenous
security
technologies
SANTOSH KHADSARE 8
OBJECTIVES
Est infrastructure
for testing &
validation of
security of such
products
Create workforce of
500,000
professionals in
next five years
Fiscal benefits to
businesses for
adoption of std
security practices
and processes
Enable effective
prevention ,
investigation and
prosecution of
cyber crime
Create culture of
cyber security
Develop public pvt
partnerships and
enhance global
cooperation
Designate a national nodal agency to coordinate matters(cyber
security) with clearly defined roles and responsibilities
designate CISO in every org who will be responsible for cyber
security efforts and initiatives
Org to devp info security policies and implement them as per
international best practices
Org to earmark a specific budget for cyber security
SANTOSH KHADSARE 9
STRATEGIES : CREATING A SECURE
CYBER ECO SYSTEM
Provide fiscal schemes and initiatives to encourage entities to
install and upgrade info infrastructure fro cyber security
Prevent occurrence and recurrence of cyber incidents
(proactive actions)
Est mechanism for sharing info
Procurement of trustworthy indigenously manufactured ICT
products
SANTOSH KHADSARE 10
STRATEGIES : CREATING A SECURE
CYBER ECO SYSTEM
Promote adoption of global best practices in info security and
compliance.
Create infrastructure for conformity assessment and
certification of compliance to cyber security best practices, std
and guidelines (e.g ISO 27001 ISMS certification).
Enable implementation of global security best practices for risk
management.
Identify and classify info infrastructure facilities and assets.
SANTOSH KHADSARE 11
STRATEGIES : CREATING A
ASSURANCE FRAMEWORK
Encourage secure appln/software devp processes.
Create conformity assessment framework for periodic
verification of compliance to best practices, std and guidelines
on cyber security.
Encourage all entities tom periodically test and evaluate the
adequacy and effectiveness of tech and op security measures
implemented in IT sys and networks .
SANTOSH KHADSARE 12
STRATEGIES : CREATING A
ASSURANCE FRAMEWORK
Encourage use of open standards to facilitate interoperability
and data exchange among different products and services.
Promote a consortium of Govt and private sector to enhance
availability of tested and certified IT products on open
standards.
SANTOSH KHADSARE 13
STRATEGIES : ENCOURAGING OPEN
STANDARDS
Devp dynamic and legal framework and its periodic review to
address Cyber security challenges.
To mandate periodic audit and evaluation.
To enable, educate and facilitate awareness of the regulatory
framework.
SANTOSH KHADSARE 14
STRATEGIES : STRENGTHENING
THE REGULATORY FRAMEWORK
To create National lvl sys , processes, structures and
mechanisms to generate situational scenario of
existing and potential threats and enable timely info
sharing for proactive, preventive and protective
actions.
To operate 24x7 CERT-in to function as a Nodal
Agency for coordination of all efforts for cyber
security emergency response and crisis mgt
(Umbrella org).
SANTOSH KHADSARE 15
STRATEGIES : CREATING MECHANISMS FOR EARLY
WARNING , VULNERABILITY MGT & RESPONSE
Operationalise 24x7 sectorial CERTs.
Implement Crisis Mgt plan for dealing with incidents impacting
critical national processes or endangering public safety and
security of the nation.
To conduct and facilitate regular cyber security drills and
exercises at National, sectorial and entity levels.
SANTOSH KHADSARE 16
STRATEGIES : CREATING MECHANISMS FOR EARLY
WARNING , VULNERABILITY MGT & RESPONSE
To mandate implementation of global security best practices,
business continuity mgt and cyber crisis mgt plan for all e-
Governance initiatives .
To encourage wider usage of PKI within Govt. for trusted
communication and transactions.
To engage info security professionals / org to assist .
SANTOSH KHADSARE 17
STRATEGIES : SECURING E-
GOVERNANCE SERVICES
To devp plan for protection of CII.
To operate 24x7 National Critical Information Infrastructure
Protection Centre(NCIIPC) to function as Nodal agency for CII
protection.
To facilitate identification, prioritisation, assessment,
remediation and protection of CII and key recourses.
To encourage and mandate as appropriate, the use of validated
and certified IT products.
SANTOSH KHADSARE 18
STRATEGIES : PROTECTION AND RESILIENCE
OF CRITICAL INFO INFRASTRUCTURE
To mandate security audit of CII on periodic basis.
To mandate certification of all security roles right from CISO
/CSO to those involved in operation of CII.
To mandate secure appl /software devp process.
SANTOSH KHADSARE 19
STRATEGIES : PROTECTION AND RESILIENCE
OF CRITICAL INFO INFRASTRUCTURE
To undertake R&D programs aimed at short term, medium term
and long term goals.
To encourage R&D to produce cost effective, tailor-made and
indigenous security solutions .
To facilitate transition, diffusion. And commercialisation of
outputs of R&D into commercial products and services for use
in public and private sectors.
SANTOSH KHADSARE 20
STRATEGIES : PROMOTION OF R&D
IN CYBER SECURITY
To set up Centre of Excellence in areas of strategic importance
for the point of security of cyber space .
To collaborate in joint R&D projects with industry and academia
in frontline technologies and solution oriented research.
SANTOSH KHADSARE 21
STRATEGIES : PROMOTION OF R&D
IN CYBER SECURITY
To create and maintain testing infrastructure and facilities of IT
security product evaluation and compliance verification.
To build trust relationships with product / system vendors and
service providers for improving end-to-end supply chain
security visibility.
To create awareness of the threats, vulnerabilities and
consequences of breach of security related to IT procurement.
SANTOSH KHADSARE 22
STRATEGIES : REDUCIN SUPPLY
CHAIN RISKS
To foster education and trg programs both in formal and
informal sectors to support the nation’s cyber security needs
and build capacity.
To est cyber security trg infrastructure across the country by
way of public private partnership arrangements.
To est cyber security concept labs for awareness and skill devp
in key areas.
To est institutional mechanisms for capacity building for Law
Enforcement Agencies.
SANTOSH KHADSARE 23
STRATEGIES : HRD
To promote and launch a comprehensive national awareness
program on security of cyber space.
To sustain security literacy awareness and publicity campaign
through electronic media.
To conduct, support and enable cyber security workshops /
seminars and certifications.
SANTOSH KHADSARE 24
STRATEGIES : CREATING CYBER
SECURITY AWARENESS
To facilitate collaboration and cooperation among stakeholder
entities.
To create models of collaborations and engagement with all
relevant stakeholders.
To create a think tank for cyber security inputs, discussion and
deliberations.
SANTOSH KHADSARE 25
STRATEGIES : DEVP EFFECTIVE
PUBLIC PVT PARTNERSHIPS
INFO SHARING AND COOPERATION (among security agencies,
CERTs, defence agencies, Law enforcement agencies and judicail
systems).
PRIORTIZED APPROACH FOR IMPLEMENTATION.
SANTOSH KHADSARE 26
OTHER STRATEGIES
THANK YOU
SANTOSH KHADSARE 27

More Related Content

What's hot

Cyber law
Cyber lawCyber law
Cyber law
Umang Maheshwari
 
National Cyber Security Policy 2013 (NCSP)
National Cyber Security Policy 2013 (NCSP)National Cyber Security Policy 2013 (NCSP)
National Cyber Security Policy 2013 (NCSP)
Gopal Choudhary
 
Cyberspace slide show
Cyberspace   slide showCyberspace   slide show
Cyberspace slide show
Beckusq
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
Kathirvel Ayyaswamy
 
Cyber Space
Cyber SpaceCyber Space
Cyber Space
DINESH KAMBLE
 
Trademarks in Cyberspace: Domain name disputes, cybersquatting and internet i...
Trademarks in Cyberspace: Domain name disputes, cybersquatting and internet i...Trademarks in Cyberspace: Domain name disputes, cybersquatting and internet i...
Trademarks in Cyberspace: Domain name disputes, cybersquatting and internet i...
garypierson
 
cybersecurity
cybersecuritycybersecurity
cybersecurity
maha797959
 
cyber crime & cyber law
cyber crime & cyber lawcyber crime & cyber law
cyber crime & cyber law
himanshumunjal
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensics
pranjal dutta
 
Network administration and Management
Network administration and ManagementNetwork administration and Management
Network administration and Management
Bry Cunal
 
Cyber law
Cyber lawCyber law
Firewalls
FirewallsFirewalls
Cyber law-it-act-2000
Cyber law-it-act-2000Cyber law-it-act-2000
Cyber law-it-act-2000
Mayuresh Patil
 
Cyber laws
Cyber lawsCyber laws
Networking infrastructure
Networking infrastructureNetworking infrastructure
Networking infrastructure
Bhashkar Choudhary
 
Introduction to Cyber Law
Introduction to Cyber LawIntroduction to Cyber Law
Introduction to Cyber Law
n|u - The Open Security Community
 
Cyber forensic 1
Cyber forensic 1Cyber forensic 1
Cyber forensic 1
anilinvns
 
التعرف على الاختراقات في الشبكات المحلية
التعرف على الاختراقات في الشبكات المحليةالتعرف على الاختراقات في الشبكات المحلية
التعرف على الاختراقات في الشبكات المحلية
Ahmed Al Enizi
 
Cyber forensics ppt
Cyber forensics pptCyber forensics ppt
Cyber forensics ppt
RoshiniVijayakumar1
 
Introduction to cyber law.
Introduction to cyber law. Introduction to cyber law.
Introduction to cyber law.
PROF. PUTTU GURU PRASAD
 

What's hot (20)

Cyber law
Cyber lawCyber law
Cyber law
 
National Cyber Security Policy 2013 (NCSP)
National Cyber Security Policy 2013 (NCSP)National Cyber Security Policy 2013 (NCSP)
National Cyber Security Policy 2013 (NCSP)
 
Cyberspace slide show
Cyberspace   slide showCyberspace   slide show
Cyberspace slide show
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 
Cyber Space
Cyber SpaceCyber Space
Cyber Space
 
Trademarks in Cyberspace: Domain name disputes, cybersquatting and internet i...
Trademarks in Cyberspace: Domain name disputes, cybersquatting and internet i...Trademarks in Cyberspace: Domain name disputes, cybersquatting and internet i...
Trademarks in Cyberspace: Domain name disputes, cybersquatting and internet i...
 
cybersecurity
cybersecuritycybersecurity
cybersecurity
 
cyber crime & cyber law
cyber crime & cyber lawcyber crime & cyber law
cyber crime & cyber law
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensics
 
Network administration and Management
Network administration and ManagementNetwork administration and Management
Network administration and Management
 
Cyber law
Cyber lawCyber law
Cyber law
 
Firewalls
FirewallsFirewalls
Firewalls
 
Cyber law-it-act-2000
Cyber law-it-act-2000Cyber law-it-act-2000
Cyber law-it-act-2000
 
Cyber laws
Cyber lawsCyber laws
Cyber laws
 
Networking infrastructure
Networking infrastructureNetworking infrastructure
Networking infrastructure
 
Introduction to Cyber Law
Introduction to Cyber LawIntroduction to Cyber Law
Introduction to Cyber Law
 
Cyber forensic 1
Cyber forensic 1Cyber forensic 1
Cyber forensic 1
 
التعرف على الاختراقات في الشبكات المحلية
التعرف على الاختراقات في الشبكات المحليةالتعرف على الاختراقات في الشبكات المحلية
التعرف على الاختراقات في الشبكات المحلية
 
Cyber forensics ppt
Cyber forensics pptCyber forensics ppt
Cyber forensics ppt
 
Introduction to cyber law.
Introduction to cyber law. Introduction to cyber law.
Introduction to cyber law.
 

Similar to INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)

Singapore. industry 4.0 and cybersecurity
Singapore. industry 4.0 and cybersecurity Singapore. industry 4.0 and cybersecurity
Singapore. industry 4.0 and cybersecurity
Yuri Anisimov
 
Cybersecurity Hub & Operations - Dr. Kiru Pillay
Cybersecurity Hub & Operations - Dr. Kiru PillayCybersecurity Hub & Operations - Dr. Kiru Pillay
Cybersecurity Hub & Operations - Dr. Kiru Pillay
dotZADNA
 
CSCSS ISC (INTERNATIONAL STRATEGY FOR CYBERSPACE)
CSCSS ISC (INTERNATIONAL STRATEGY FOR CYBERSPACE)CSCSS ISC (INTERNATIONAL STRATEGY FOR CYBERSPACE)
CSCSS ISC (INTERNATIONAL STRATEGY FOR CYBERSPACE)
Centre for Strategic Cyberspace + Security Science
 
Cyber Security Strategy for Pakistan.docx
Cyber Security Strategy for Pakistan.docxCyber Security Strategy for Pakistan.docx
Cyber Security Strategy for Pakistan.docx
falknoor56
 
Cyber Security India & Cyber Crime
Cyber Security India & Cyber CrimeCyber Security India & Cyber Crime
Cyber Security India & Cyber Crime
Deepak Kumar (D3)
 
National policy and strategy
National policy and strategyNational policy and strategy
National policy and strategy
Bright Boateng
 
The Importance of Cybersecurity for Digital Transformation
The Importance of Cybersecurity for Digital TransformationThe Importance of Cybersecurity for Digital Transformation
The Importance of Cybersecurity for Digital Transformation
NUS-ISS
 
The Roadmap to a Lifesaving Digital Ecosystem
The Roadmap to a Lifesaving Digital EcosystemThe Roadmap to a Lifesaving Digital Ecosystem
The Roadmap to a Lifesaving Digital Ecosystem
William Roberts
 
Insa cyber intelligence 2011
Insa cyber intelligence 2011Insa cyber intelligence 2011
Insa cyber intelligence 2011
Mousselmal Tarik
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
itnewsafrica
 
UN Singapore Cyber Programme 15 july19
UN Singapore Cyber Programme 15 july19UN Singapore Cyber Programme 15 july19
UN Singapore Cyber Programme 15 july19
consultancyss
 
Cloud computing_LKYSPP GSP 2019
Cloud computing_LKYSPP GSP 2019Cloud computing_LKYSPP GSP 2019
Cloud computing_LKYSPP GSP 2019
Jenny Jenish kyzy
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'a
Fahmi Albaheth
 
Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...
Miguel A. Amutio
 
C3i Group Cyber Law
C3i Group Cyber LawC3i Group Cyber Law
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean Cybersecuirty
Shiva Bissessar
 
Protecting Critical Infrastructure: a multi-layered approach
Protecting Critical Infrastructure: a multi-layered approachProtecting Critical Infrastructure: a multi-layered approach
Protecting Critical Infrastructure: a multi-layered approach
ITU
 
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaGet Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
Rahul Neel Mani
 
Final national cyber security strategy november 2014
Final national cyber security strategy november 2014Final national cyber security strategy november 2014
Final national cyber security strategy november 2014
vikawotar
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy Hiremath
ClubHack
 

Similar to INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013) (20)

Singapore. industry 4.0 and cybersecurity
Singapore. industry 4.0 and cybersecurity Singapore. industry 4.0 and cybersecurity
Singapore. industry 4.0 and cybersecurity
 
Cybersecurity Hub & Operations - Dr. Kiru Pillay
Cybersecurity Hub & Operations - Dr. Kiru PillayCybersecurity Hub & Operations - Dr. Kiru Pillay
Cybersecurity Hub & Operations - Dr. Kiru Pillay
 
CSCSS ISC (INTERNATIONAL STRATEGY FOR CYBERSPACE)
CSCSS ISC (INTERNATIONAL STRATEGY FOR CYBERSPACE)CSCSS ISC (INTERNATIONAL STRATEGY FOR CYBERSPACE)
CSCSS ISC (INTERNATIONAL STRATEGY FOR CYBERSPACE)
 
Cyber Security Strategy for Pakistan.docx
Cyber Security Strategy for Pakistan.docxCyber Security Strategy for Pakistan.docx
Cyber Security Strategy for Pakistan.docx
 
Cyber Security India & Cyber Crime
Cyber Security India & Cyber CrimeCyber Security India & Cyber Crime
Cyber Security India & Cyber Crime
 
National policy and strategy
National policy and strategyNational policy and strategy
National policy and strategy
 
The Importance of Cybersecurity for Digital Transformation
The Importance of Cybersecurity for Digital TransformationThe Importance of Cybersecurity for Digital Transformation
The Importance of Cybersecurity for Digital Transformation
 
The Roadmap to a Lifesaving Digital Ecosystem
The Roadmap to a Lifesaving Digital EcosystemThe Roadmap to a Lifesaving Digital Ecosystem
The Roadmap to a Lifesaving Digital Ecosystem
 
Insa cyber intelligence 2011
Insa cyber intelligence 2011Insa cyber intelligence 2011
Insa cyber intelligence 2011
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
 
UN Singapore Cyber Programme 15 july19
UN Singapore Cyber Programme 15 july19UN Singapore Cyber Programme 15 july19
UN Singapore Cyber Programme 15 july19
 
Cloud computing_LKYSPP GSP 2019
Cloud computing_LKYSPP GSP 2019Cloud computing_LKYSPP GSP 2019
Cloud computing_LKYSPP GSP 2019
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'a
 
Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...
 
C3i Group Cyber Law
C3i Group Cyber LawC3i Group Cyber Law
C3i Group Cyber Law
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean Cybersecuirty
 
Protecting Critical Infrastructure: a multi-layered approach
Protecting Critical Infrastructure: a multi-layered approachProtecting Critical Infrastructure: a multi-layered approach
Protecting Critical Infrastructure: a multi-layered approach
 
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaGet Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
 
Final national cyber security strategy november 2014
Final national cyber security strategy november 2014Final national cyber security strategy november 2014
Final national cyber security strategy november 2014
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy Hiremath
 

More from Santosh Khadsare

Cyber fraud (netflix)
Cyber fraud (netflix)Cyber fraud (netflix)
Cyber fraud (netflix)
Santosh Khadsare
 
INTERNET SECUIRTY TIPS
INTERNET SECUIRTY TIPSINTERNET SECUIRTY TIPS
INTERNET SECUIRTY TIPS
Santosh Khadsare
 
Linux forensics
Linux forensicsLinux forensics
Linux forensics
Santosh Khadsare
 
Network forensics1
Network forensics1Network forensics1
Network forensics1
Santosh Khadsare
 
Windowsforensics
WindowsforensicsWindowsforensics
Windowsforensics
Santosh Khadsare
 
Lec 1 apln security(4pd)
Lec  1 apln security(4pd)Lec  1 apln security(4pd)
Lec 1 apln security(4pd)
Santosh Khadsare
 
Smart card
Smart cardSmart card
Smart card
Santosh Khadsare
 
Guassvirus
GuassvirusGuassvirus
Guassvirus
Santosh Khadsare
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPS
Santosh Khadsare
 
Webmail
WebmailWebmail
Linux Forensics
Linux ForensicsLinux Forensics
Linux Forensics
Santosh Khadsare
 
Web server
Web serverWeb server
Web server
Santosh Khadsare
 
Samba server
Samba serverSamba server
Samba server
Santosh Khadsare
 
Firewall(linux)
Firewall(linux)Firewall(linux)
Firewall(linux)
Santosh Khadsare
 
Securitytips
SecuritytipsSecuritytips
Securitytips
Santosh Khadsare
 
Linux basics
Linux basicsLinux basics
Linux basics
Santosh Khadsare
 
Linuxfilesys
LinuxfilesysLinuxfilesys
Linuxfilesys
Santosh Khadsare
 
Linuxconcepts
LinuxconceptsLinuxconcepts
Linuxconcepts
Santosh Khadsare
 
Introtolinux
IntrotolinuxIntrotolinux
Introtolinux
Santosh Khadsare
 
New internet
New internetNew internet
New internet
Santosh Khadsare
 

More from Santosh Khadsare (20)

Cyber fraud (netflix)
Cyber fraud (netflix)Cyber fraud (netflix)
Cyber fraud (netflix)
 
INTERNET SECUIRTY TIPS
INTERNET SECUIRTY TIPSINTERNET SECUIRTY TIPS
INTERNET SECUIRTY TIPS
 
Linux forensics
Linux forensicsLinux forensics
Linux forensics
 
Network forensics1
Network forensics1Network forensics1
Network forensics1
 
Windowsforensics
WindowsforensicsWindowsforensics
Windowsforensics
 
Lec 1 apln security(4pd)
Lec  1 apln security(4pd)Lec  1 apln security(4pd)
Lec 1 apln security(4pd)
 
Smart card
Smart cardSmart card
Smart card
 
Guassvirus
GuassvirusGuassvirus
Guassvirus
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPS
 
Webmail
WebmailWebmail
Webmail
 
Linux Forensics
Linux ForensicsLinux Forensics
Linux Forensics
 
Web server
Web serverWeb server
Web server
 
Samba server
Samba serverSamba server
Samba server
 
Firewall(linux)
Firewall(linux)Firewall(linux)
Firewall(linux)
 
Securitytips
SecuritytipsSecuritytips
Securitytips
 
Linux basics
Linux basicsLinux basics
Linux basics
 
Linuxfilesys
LinuxfilesysLinuxfilesys
Linuxfilesys
 
Linuxconcepts
LinuxconceptsLinuxconcepts
Linuxconcepts
 
Introtolinux
IntrotolinuxIntrotolinux
Introtolinux
 
New internet
New internetNew internet
New internet
 

Recently uploaded

Java MCQ Questions and Answers PDF By ScholarHat
Java MCQ Questions and Answers PDF By ScholarHatJava MCQ Questions and Answers PDF By ScholarHat
Java MCQ Questions and Answers PDF By ScholarHat
Scholarhat
 
Mail Server Configuration Using App passwords in Odoo 17
Mail Server Configuration Using App passwords in Odoo 17Mail Server Configuration Using App passwords in Odoo 17
Mail Server Configuration Using App passwords in Odoo 17
Celine George
 
The Cruelty of Animal Testing in the Industry.pdf
The Cruelty of Animal Testing in the Industry.pdfThe Cruelty of Animal Testing in the Industry.pdf
The Cruelty of Animal Testing in the Industry.pdf
luzmilaglez334
 
How to Empty a One2Many Field in Odoo 17
How to Empty a One2Many Field in Odoo 17How to Empty a One2Many Field in Odoo 17
How to Empty a One2Many Field in Odoo 17
Celine George
 
Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...
Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...
Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...
Codeavour International
 
How To Sell Hamster Kombat Coin In Pre-market
How To Sell Hamster Kombat Coin In Pre-marketHow To Sell Hamster Kombat Coin In Pre-market
How To Sell Hamster Kombat Coin In Pre-market
Sikandar Ali
 
Parent PD Design for Professional Development .docx
Parent PD Design for Professional Development .docxParent PD Design for Professional Development .docx
Parent PD Design for Professional Development .docx
AntonioJarligoCompra
 
A beginner’s guide to project reviews - everything you wanted to know but wer...
A beginner’s guide to project reviews - everything you wanted to know but wer...A beginner’s guide to project reviews - everything you wanted to know but wer...
A beginner’s guide to project reviews - everything you wanted to know but wer...
Association for Project Management
 
Node JS Interview Question PDF By ScholarHat
Node JS Interview Question PDF By ScholarHatNode JS Interview Question PDF By ScholarHat
Node JS Interview Question PDF By ScholarHat
Scholarhat
 
slidesgo-mastering-the-art-of-listening-insights-from-robin-sharma-2024070718...
slidesgo-mastering-the-art-of-listening-insights-from-robin-sharma-2024070718...slidesgo-mastering-the-art-of-listening-insights-from-robin-sharma-2024070718...
slidesgo-mastering-the-art-of-listening-insights-from-robin-sharma-2024070718...
MANIVALANSR
 
ASP.NET Core Interview Questions PDF By ScholarHat.pdf
ASP.NET Core Interview Questions PDF By ScholarHat.pdfASP.NET Core Interview Questions PDF By ScholarHat.pdf
ASP.NET Core Interview Questions PDF By ScholarHat.pdf
Scholarhat
 
SQL Server Interview Questions PDF By ScholarHat
SQL Server Interview Questions PDF By ScholarHatSQL Server Interview Questions PDF By ScholarHat
SQL Server Interview Questions PDF By ScholarHat
Scholarhat
 
MATATAG CURRICULUM sample lesson exemplar.docx
MATATAG CURRICULUM sample lesson exemplar.docxMATATAG CURRICULUM sample lesson exemplar.docx
MATATAG CURRICULUM sample lesson exemplar.docx
yardenmendoza
 
View Inheritance in Odoo 17 - Odoo 17 Slides
View Inheritance in Odoo 17 - Odoo 17  SlidesView Inheritance in Odoo 17 - Odoo 17  Slides
View Inheritance in Odoo 17 - Odoo 17 Slides
Celine George
 
Genetics Teaching Plan: Dr.Kshirsagar R.V.
Genetics Teaching Plan: Dr.Kshirsagar R.V.Genetics Teaching Plan: Dr.Kshirsagar R.V.
Genetics Teaching Plan: Dr.Kshirsagar R.V.
DrRavindrakshirsagar1
 
11. Post harvest quality, Quality criteria and Judgement.pptx
11. Post harvest quality, Quality criteria and Judgement.pptx11. Post harvest quality, Quality criteria and Judgement.pptx
11. Post harvest quality, Quality criteria and Judgement.pptx
UmeshTimilsina1
 
Our Guide to the July 2024 USPS® Rate Change
Our Guide to the July 2024 USPS® Rate ChangeOur Guide to the July 2024 USPS® Rate Change
Our Guide to the July 2024 USPS® Rate Change
Postal Advocate Inc.
 
MathematicsGrade7-Presentation-July-12024.pptx
MathematicsGrade7-Presentation-July-12024.pptxMathematicsGrade7-Presentation-July-12024.pptx
MathematicsGrade7-Presentation-July-12024.pptx
nolicaliso1
 
Lange and Roberts "DEIA in the Scholarly Landscape Session 5: DEIA in Peer Re...
Lange and Roberts "DEIA in the Scholarly Landscape Session 5: DEIA in Peer Re...Lange and Roberts "DEIA in the Scholarly Landscape Session 5: DEIA in Peer Re...
Lange and Roberts "DEIA in the Scholarly Landscape Session 5: DEIA in Peer Re...
National Information Standards Organization (NISO)
 
FINAL MATATAG Science CG 2023 Grades 3-10.pdf
FINAL MATATAG Science CG 2023 Grades 3-10.pdfFINAL MATATAG Science CG 2023 Grades 3-10.pdf
FINAL MATATAG Science CG 2023 Grades 3-10.pdf
maritescanete2
 

Recently uploaded (20)

Java MCQ Questions and Answers PDF By ScholarHat
Java MCQ Questions and Answers PDF By ScholarHatJava MCQ Questions and Answers PDF By ScholarHat
Java MCQ Questions and Answers PDF By ScholarHat
 
Mail Server Configuration Using App passwords in Odoo 17
Mail Server Configuration Using App passwords in Odoo 17Mail Server Configuration Using App passwords in Odoo 17
Mail Server Configuration Using App passwords in Odoo 17
 
The Cruelty of Animal Testing in the Industry.pdf
The Cruelty of Animal Testing in the Industry.pdfThe Cruelty of Animal Testing in the Industry.pdf
The Cruelty of Animal Testing in the Industry.pdf
 
How to Empty a One2Many Field in Odoo 17
How to Empty a One2Many Field in Odoo 17How to Empty a One2Many Field in Odoo 17
How to Empty a One2Many Field in Odoo 17
 
Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...
Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...
Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...
 
How To Sell Hamster Kombat Coin In Pre-market
How To Sell Hamster Kombat Coin In Pre-marketHow To Sell Hamster Kombat Coin In Pre-market
How To Sell Hamster Kombat Coin In Pre-market
 
Parent PD Design for Professional Development .docx
Parent PD Design for Professional Development .docxParent PD Design for Professional Development .docx
Parent PD Design for Professional Development .docx
 
A beginner’s guide to project reviews - everything you wanted to know but wer...
A beginner’s guide to project reviews - everything you wanted to know but wer...A beginner’s guide to project reviews - everything you wanted to know but wer...
A beginner’s guide to project reviews - everything you wanted to know but wer...
 
Node JS Interview Question PDF By ScholarHat
Node JS Interview Question PDF By ScholarHatNode JS Interview Question PDF By ScholarHat
Node JS Interview Question PDF By ScholarHat
 
slidesgo-mastering-the-art-of-listening-insights-from-robin-sharma-2024070718...
slidesgo-mastering-the-art-of-listening-insights-from-robin-sharma-2024070718...slidesgo-mastering-the-art-of-listening-insights-from-robin-sharma-2024070718...
slidesgo-mastering-the-art-of-listening-insights-from-robin-sharma-2024070718...
 
ASP.NET Core Interview Questions PDF By ScholarHat.pdf
ASP.NET Core Interview Questions PDF By ScholarHat.pdfASP.NET Core Interview Questions PDF By ScholarHat.pdf
ASP.NET Core Interview Questions PDF By ScholarHat.pdf
 
SQL Server Interview Questions PDF By ScholarHat
SQL Server Interview Questions PDF By ScholarHatSQL Server Interview Questions PDF By ScholarHat
SQL Server Interview Questions PDF By ScholarHat
 
MATATAG CURRICULUM sample lesson exemplar.docx
MATATAG CURRICULUM sample lesson exemplar.docxMATATAG CURRICULUM sample lesson exemplar.docx
MATATAG CURRICULUM sample lesson exemplar.docx
 
View Inheritance in Odoo 17 - Odoo 17 Slides
View Inheritance in Odoo 17 - Odoo 17  SlidesView Inheritance in Odoo 17 - Odoo 17  Slides
View Inheritance in Odoo 17 - Odoo 17 Slides
 
Genetics Teaching Plan: Dr.Kshirsagar R.V.
Genetics Teaching Plan: Dr.Kshirsagar R.V.Genetics Teaching Plan: Dr.Kshirsagar R.V.
Genetics Teaching Plan: Dr.Kshirsagar R.V.
 
11. Post harvest quality, Quality criteria and Judgement.pptx
11. Post harvest quality, Quality criteria and Judgement.pptx11. Post harvest quality, Quality criteria and Judgement.pptx
11. Post harvest quality, Quality criteria and Judgement.pptx
 
Our Guide to the July 2024 USPS® Rate Change
Our Guide to the July 2024 USPS® Rate ChangeOur Guide to the July 2024 USPS® Rate Change
Our Guide to the July 2024 USPS® Rate Change
 
MathematicsGrade7-Presentation-July-12024.pptx
MathematicsGrade7-Presentation-July-12024.pptxMathematicsGrade7-Presentation-July-12024.pptx
MathematicsGrade7-Presentation-July-12024.pptx
 
Lange and Roberts "DEIA in the Scholarly Landscape Session 5: DEIA in Peer Re...
Lange and Roberts "DEIA in the Scholarly Landscape Session 5: DEIA in Peer Re...Lange and Roberts "DEIA in the Scholarly Landscape Session 5: DEIA in Peer Re...
Lange and Roberts "DEIA in the Scholarly Landscape Session 5: DEIA in Peer Re...
 
FINAL MATATAG Science CG 2023 Grades 3-10.pdf
FINAL MATATAG Science CG 2023 Grades 3-10.pdfFINAL MATATAG Science CG 2023 Grades 3-10.pdf
FINAL MATATAG Science CG 2023 Grades 3-10.pdf
 

INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)

  • 1. NATIONAL CYBER SECURITY POLICY - 2013 SANTOSH KAHDASRE
  • 3. Complex environment of integrations between people, software and services Common pool used by citizens, businesses , critical information infrastructure ,military and groups Vulnerable to a wide range of incidents, whether intentional or accidental, manmade or natural, and the info can be exploited by both nation states and non state actors SANTOSH KHADSARE 3 CYBERSPACE IS…..
  • 4. Caters to the whole spectrum of ICT users and providers and is an evolving process IT SERVES AS AN UMBRELLA FRAMEWORK FOR DEFINING AND GUIDING THE ACTIONS RELATED TO SECURITY OF CYBER SPACE It also enables the individual sectors and org in designing appropriate cyber security polices to suit their needs SANTOSH KHADSARE 4 CYBER SECURITY POLICY
  • 5. TO BUILD A SECURE AND RESILIENT CYBERSPACE FOR CITIZENS, BUSINESSES AND GOVERNMENT SANTOSH KHADSARE 5 VISION
  • 7. SANTOSH KHADSARE 7 OBJECTIVES Create a secure cyber ecosystem Create an assurance framework Strengthen the regulatory framework Enhance and create national and sectorial level 24x7 mechanisms for info gathering Enhance protection and resilience of CII by operating 24x7 NCIIPC Develop indigenous security technologies
  • 8. SANTOSH KHADSARE 8 OBJECTIVES Est infrastructure for testing & validation of security of such products Create workforce of 500,000 professionals in next five years Fiscal benefits to businesses for adoption of std security practices and processes Enable effective prevention , investigation and prosecution of cyber crime Create culture of cyber security Develop public pvt partnerships and enhance global cooperation
  • 9. Designate a national nodal agency to coordinate matters(cyber security) with clearly defined roles and responsibilities designate CISO in every org who will be responsible for cyber security efforts and initiatives Org to devp info security policies and implement them as per international best practices Org to earmark a specific budget for cyber security SANTOSH KHADSARE 9 STRATEGIES : CREATING A SECURE CYBER ECO SYSTEM
  • 10. Provide fiscal schemes and initiatives to encourage entities to install and upgrade info infrastructure fro cyber security Prevent occurrence and recurrence of cyber incidents (proactive actions) Est mechanism for sharing info Procurement of trustworthy indigenously manufactured ICT products SANTOSH KHADSARE 10 STRATEGIES : CREATING A SECURE CYBER ECO SYSTEM
  • 11. Promote adoption of global best practices in info security and compliance. Create infrastructure for conformity assessment and certification of compliance to cyber security best practices, std and guidelines (e.g ISO 27001 ISMS certification). Enable implementation of global security best practices for risk management. Identify and classify info infrastructure facilities and assets. SANTOSH KHADSARE 11 STRATEGIES : CREATING A ASSURANCE FRAMEWORK
  • 12. Encourage secure appln/software devp processes. Create conformity assessment framework for periodic verification of compliance to best practices, std and guidelines on cyber security. Encourage all entities tom periodically test and evaluate the adequacy and effectiveness of tech and op security measures implemented in IT sys and networks . SANTOSH KHADSARE 12 STRATEGIES : CREATING A ASSURANCE FRAMEWORK
  • 13. Encourage use of open standards to facilitate interoperability and data exchange among different products and services. Promote a consortium of Govt and private sector to enhance availability of tested and certified IT products on open standards. SANTOSH KHADSARE 13 STRATEGIES : ENCOURAGING OPEN STANDARDS
  • 14. Devp dynamic and legal framework and its periodic review to address Cyber security challenges. To mandate periodic audit and evaluation. To enable, educate and facilitate awareness of the regulatory framework. SANTOSH KHADSARE 14 STRATEGIES : STRENGTHENING THE REGULATORY FRAMEWORK
  • 15. To create National lvl sys , processes, structures and mechanisms to generate situational scenario of existing and potential threats and enable timely info sharing for proactive, preventive and protective actions. To operate 24x7 CERT-in to function as a Nodal Agency for coordination of all efforts for cyber security emergency response and crisis mgt (Umbrella org). SANTOSH KHADSARE 15 STRATEGIES : CREATING MECHANISMS FOR EARLY WARNING , VULNERABILITY MGT & RESPONSE
  • 16. Operationalise 24x7 sectorial CERTs. Implement Crisis Mgt plan for dealing with incidents impacting critical national processes or endangering public safety and security of the nation. To conduct and facilitate regular cyber security drills and exercises at National, sectorial and entity levels. SANTOSH KHADSARE 16 STRATEGIES : CREATING MECHANISMS FOR EARLY WARNING , VULNERABILITY MGT & RESPONSE
  • 17. To mandate implementation of global security best practices, business continuity mgt and cyber crisis mgt plan for all e- Governance initiatives . To encourage wider usage of PKI within Govt. for trusted communication and transactions. To engage info security professionals / org to assist . SANTOSH KHADSARE 17 STRATEGIES : SECURING E- GOVERNANCE SERVICES
  • 18. To devp plan for protection of CII. To operate 24x7 National Critical Information Infrastructure Protection Centre(NCIIPC) to function as Nodal agency for CII protection. To facilitate identification, prioritisation, assessment, remediation and protection of CII and key recourses. To encourage and mandate as appropriate, the use of validated and certified IT products. SANTOSH KHADSARE 18 STRATEGIES : PROTECTION AND RESILIENCE OF CRITICAL INFO INFRASTRUCTURE
  • 19. To mandate security audit of CII on periodic basis. To mandate certification of all security roles right from CISO /CSO to those involved in operation of CII. To mandate secure appl /software devp process. SANTOSH KHADSARE 19 STRATEGIES : PROTECTION AND RESILIENCE OF CRITICAL INFO INFRASTRUCTURE
  • 20. To undertake R&D programs aimed at short term, medium term and long term goals. To encourage R&D to produce cost effective, tailor-made and indigenous security solutions . To facilitate transition, diffusion. And commercialisation of outputs of R&D into commercial products and services for use in public and private sectors. SANTOSH KHADSARE 20 STRATEGIES : PROMOTION OF R&D IN CYBER SECURITY
  • 21. To set up Centre of Excellence in areas of strategic importance for the point of security of cyber space . To collaborate in joint R&D projects with industry and academia in frontline technologies and solution oriented research. SANTOSH KHADSARE 21 STRATEGIES : PROMOTION OF R&D IN CYBER SECURITY
  • 22. To create and maintain testing infrastructure and facilities of IT security product evaluation and compliance verification. To build trust relationships with product / system vendors and service providers for improving end-to-end supply chain security visibility. To create awareness of the threats, vulnerabilities and consequences of breach of security related to IT procurement. SANTOSH KHADSARE 22 STRATEGIES : REDUCIN SUPPLY CHAIN RISKS
  • 23. To foster education and trg programs both in formal and informal sectors to support the nation’s cyber security needs and build capacity. To est cyber security trg infrastructure across the country by way of public private partnership arrangements. To est cyber security concept labs for awareness and skill devp in key areas. To est institutional mechanisms for capacity building for Law Enforcement Agencies. SANTOSH KHADSARE 23 STRATEGIES : HRD
  • 24. To promote and launch a comprehensive national awareness program on security of cyber space. To sustain security literacy awareness and publicity campaign through electronic media. To conduct, support and enable cyber security workshops / seminars and certifications. SANTOSH KHADSARE 24 STRATEGIES : CREATING CYBER SECURITY AWARENESS
  • 25. To facilitate collaboration and cooperation among stakeholder entities. To create models of collaborations and engagement with all relevant stakeholders. To create a think tank for cyber security inputs, discussion and deliberations. SANTOSH KHADSARE 25 STRATEGIES : DEVP EFFECTIVE PUBLIC PVT PARTNERSHIPS
  • 26. INFO SHARING AND COOPERATION (among security agencies, CERTs, defence agencies, Law enforcement agencies and judicail systems). PRIORTIZED APPROACH FOR IMPLEMENTATION. SANTOSH KHADSARE 26 OTHER STRATEGIES