POLICY AND LEGAL FRAMEWORK

The first meeting of the SKOCH Cyber Patriot Task Force, focused on Policy and Legal Framework was held on the 23rd March 2019 at the Constitution Club of India, New Delhi

The first meeting of the Cyber Patriot Task Force focused on Policy and Legal Framework was held on the 23rd March 2019 at the Constitution Club of India, New Delhi.

Following is the list of attendees:

  1. Mr Akhilesh Tuteja, Global Co-Leader - Cyber Security, KPMG
  2. Prof Anjali Kaushik, Information Management, Management Development Institute (MDI)
  3. Mr Avaneesh Vats, Deputy General Manager - IT, Energy Efficiency Services Ltd
  4. Mr Bhushan Mohan, Former Principal Consultant, NeGD, MeitY
  5. Mr Brijesh Singh, Inspector General of Police - Cyber, Maharashtra
  6. Dr C Muralikrishna Kumar, Senior Advisor-ICT, NITI Aayog
  7. Mr Gautam Kapoor, Partner, Deloitte India
  8. Mr Golok Kumar Simli, Principal Consultant & Chief Technology Officer, Passport Seva, Ministry of External Affairs
  9. Dr Gulshan Rai, National Cyber Security Coordinator
  10. Mr Jaspreet Singh, Partner – Cyber Security, Africa, India & Middle East (AIM), Ernst & Young
  11. Mr Mannan Godil, CISO - Information Security Group, Edelweiss Rural & Corporate Services Limited
  12. Mr Nafees Ahmed, CIO, Indiabulls Group
  13. Dr N Vijayaditya, Former Director General, NIC
  14. Ms R Priyamvada, IT Head, Engineers India Ltd (EIL)
  15. Mr Sameer Kochhar, Chairman, SKOCH Group
  16. Dr Shefali Dash, Former Director General, National Informatics Centre
  17. Mr Sivarama Krishnan, Leader - Cyber Security, PwC
  18. Mr S S Sarma, Director, CERT-In, MeitY

It was clear that there are stakeholders whose interest is top-level policy, others who would like to see an operations or technologies view etc. We recognise the importance of all of these and propose to hold meetings consisting of different types of stakeholders to cover all areas eventually. For the purposes of focus the first meeting was on Policy Issues and examined some of the areas that are important from a government perspective.

After detailed discussions, several decisions were taken. The initial actions are as follows:

  1. The working name for the document would be “National Cyber Security Strategy for India.”
  2. Under the first section of the book, we would take stock of the current progress and need articulation.
  3. Accordingly, I suggest, the first section could be structured as below:
    1. Global Scenario
    2. Factors Driving National Cyber Security Strategies
    3. The Indian Context (current policy environment, assets, institutions etc)
      1. Facilities
      2. People (skills and HR)
      3. Funds
      4. Systems
      5. Competitive Advantages
      6. Areas for Upgradation
    4. Policy Gaps
    5. Key Factors Driving Future Course (eg Virtualisation, 5G, AI, IoT etc)
    6. Need Articulation for the Strategy
  4. Economic Rationale for the Strategy

Since Sivaram of PwC had come prepared for inputs on 3 above, he was requested to put together a draft paper. His presentation is enclosed.

Similarly, Anjali Kaushik has also done extensive work on Information Security Assurance Framework for e-Governance was requested to share some of her work. The document sent by her is enclosed.

Akhilesh Tuteja of KPMG was requested to work on a paper on Economic Rationale and the cost of not having such a strategy.

Brijesh Singh of Maharashtra Police has suggested an alternative view point and is requested to share his input documents.

Moving forward, I would be having a few one on one discussions to better crystallise thoughts on other chapters and areas of action. I look forward to your inputs and feedback.

One area that everyone has promised to help on is to help expand this group and recommend resource persons from the technology and operations sides to join us. We need to have a 1000 strong group.