A better policy and project towards cyber security like CERT can help improve cyber security in India.
This was stated by advocate Shruit Bist while speaking at the CISO Summit held at The Leela Mumbai on the theme of “Cyber Security Laws and What CISO and Organisations Should Know About Them”. It was attended by various speakers including Brijesh Singh, IPS, Inspector General of Police, Cyber Government of Maharashtra, Durga Prasad Dube, Vice President, Reliance Industries, Kalpesh Doshi, CISO, FIS, Advocate Shruti Bist, Supreme Court Advocate, Kushboo Jain, Supreme Court Advocate, N. A. Vijaya Shankar, Chairman, Data Protection Professional of India . The conferenbce was organised by CISO, Cybersecuoiryt ISO Cybersecurity is the first and only organization in India to look at cybersecurity from an all-encompassing perspective consulting and advisory, skill development, and awareness at citizen, academia, corporate and government levels.
The summit focused on applying intelligence strategy and technology for better cyber-defence. The 2020 conference focussed primarily on how CISOs and Cyber security professionals should create a robust “Defence Mechanism” for a stronger, better, cyber security posture.
In Panel discussion various cyber security provision were discussed. Cybersecurity is the governance, development, management and use of information security, OT security, and IT security tools and techniques for achieving regulatory compliance, defending assets. The chief information security officer (CISO) is the executive responsible for an organization’s information and data security. While in the past the role has been rather narrowly defined along those lines, these days the title is often used interchangeably with CSO and VP of security, indicating a more expansive role in the organization. The role of CISO after implementation of Data Protection Bill 2019 was discussed .
Few Responsibilities of CISO discussed have been summarised below
- Security operations: Real-time analysis of immediate threats, and triage when something goes wrong
- Cyber risk and cyber intelligence: Keeping abreast of developing security threats, and helping the board understand potential security problems that might arise from acquisitions or other big business moves
- Data loss and fraud prevention: Making sure internal staff doesn’t misuse or steal data
- Security architecture: Planning, buying, and rolling out security hardware and software, and making sure IT and network infrastructure is designed with best security practices in mind
- Investigations and forensics: Determining what went wrong in a breach, dealing with those responsible if they’re internal, and planning to avoid repeats of the same crisis
The Summit focussed on suggestions of better cyber security laws and implementation of bill in more efficient ways .