Cyber security Indian perspective & Collaboration With EU

Size: px

Start display at page:

Download "Cyber security Indian perspective & Collaboration With EU"

Tyrone Walters
8 years ago
Views:

1 Cyber security Indian perspective & Collaboration With EU Abhishek Sharma, BIC IAG member, On behalf of Dr. A.S.A Krishnan, Sr. Director, Department of Electronics & Information Technology Government of India 1

2 Indian ICT sector IT market US $ 110 billion Exports of Software US $ 69 billion Exports of Hardware US $ 8.9 billion Internet users Mobile connections 122 million 941 million 2

3 INDIA Internet Infrastructure:2012 Internet 6 15 Mil. All Domains (2.5 Mil..in ) STPI Bharti NIC 260+ IDCs Reliance 134 Major ISPs ERNET Mail Servers TATA Communications BSNL Mil. High speed Internet MTNL DNS 122 Mil. Internet Users Govt. IT / ITES BPO Home Academia Enterprise Overall Tele-density Targeted Broadband connections= 22 Mil. (by 2014) VOIP, IPTV 3

.in ) STPI Bharti NIC 260+ IDCs Reliance 134 Major ISPs ERNET Mail Servers TATA

4 Threat landscape Malware, Botnets Identity Theft and Phishing DDoS attacks Anonymisers, VPNs, TOR Web site intrusions Spam Cyber espionage Attacks on small office/home systems Misuse of social media 4

Web site intrusions Spam Cyber espionage Attacks

5 Key Elements of Cyber Security Strategy Security R&D Legal Framework Security Incident - Early Warning & Response National Cyber Alert System CERT-In and Sectoral CERTs Information Exchange with international CERTs Security Policy, Compliance and Assurance Security Assurance Framework Cyber security drills Trusted Company Certification IT/ITES/BPO Companies Security Training Skill & Competence development Domain Specific training Cyber Forensics, Network & System Security Administration International Cooperation 5

Security Assurance Framework Cyber security drills Trusted Company Certification IT/ITES/BPO Companies Security Training Skill &

6 National Cyber Security Policy Salient Features: Caters to whole spectrum of ICT users and Providers including home users; small, medium & large organisations, Government and Academia Strategies: Creating a secure cyber ecosystem Creating an assurance framework Encouraging Open Standards Strengthening the Regulatory framework Creating mechanisms for security threat early warning, vulnerability management and response to security threats 6

ecosystem Creating an assurance framework Encouraging Open Standards Strengthening the Regulatory framework

7 National Cyber Security Policy Strategies (Contd..): Securing E-Governance services Protection and resilience of Critical Information Infrastructure Promotion of Research & Development in cyber security Reducing supply chain risks Human Resource Development Creating Cyber Security Awareness Developing effective Public Private Partnerships Information sharing and cooperation The Policy is operationalised by way of detailed guidelines and plans at various levels such as National, Sectoral, State, Ministry and Enterprise. 7

Development in cyber security Reducing supply chain risks Human Resource Development Creating Cyber Security Awareness Developing

8 Legal Framework Information Technology Act, 2000 IT (Amendment) Act, 2008 Data Protection & Computer crimes Best Practices and Security Assurance ISO Security Standard - Mandated for Public Companies and critical sectors 8 8

Best Practices and Security Assurance ISO 27001 Security

9 Cyber Security R&D Focus Cyber Security R&D is one of the major initiatives identified for securing Cyber space Aimed at promotion of development & technology, demonstration, proof of concept and R&D test bed projects for enhancing indigenous skills and capabilities in the cyber security 9

development & technology, demonstration, proof of concept and R&D test

10 Cyber Security R&D Promotion Scheme Academic Insitutions & R&D Labs across the country are funded to carry out R&D projects to nurture R&D and capacity development A Working Group, of experts in the area, at the Department examines and recommends R&D proposals in thrust areas Evaluation of project proposals and recommendation by the Working Group 10

Group, of experts in the area, at the Department examines and recommends R&D proposals

11 Cyber Security - Collaboration Cyber Space is Virtual, Borderless, Anonymous Security in Cyber Space is no longer isolated to one nation Cooperation is needed with joint programmes To effectively mitigate threats Capacity Development Exchange of Infortaion International Cooperation Cyber security drills at international level with Asia-Pacific CERTs Specific cyber security cooperation with Japan and South Korea Participating in the UN Committee of Group of Experts as well as in the Council of Security Cooperation in Asia-Pacific (CSCAP) for enhancing cooperation in the area of Cyber Security India is Signatory to Trusted Computing Group to participate in 11 development of standards and promotion of Trusted systems

cyber security cooperation with Japan and South Korea Participating in the UN Committee of Group of Experts as well as in the Council of Security Cooperation in Asia-Pacific

12 How India and EU can collaborate in R&D Identification of specific areas & Institutions for Joint R&D programmes/projects Indicative list of R&D Areas for joint R&D Solutions for ensuring trust of electronic transactions Analysis and certification of commercial IT Systems Software assurance, code testing and analysis Threat Management systems Network penetration and vulnerability assessment tools Development of compliance and self-assessment tools, validation and implementation. Cloud Security Tools 12

of commercial IT Systems Software assurance, code testing and analysis Threat Management systems Network penetration and

13 Thank you 13

National Cyber Security Policy -2013

National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information