ANNUAL REPORT - Data Security Council of India · 2 Annual Report 2017-18 Data Security Council of...

Annual Report 2017-18 1

ANNUALREPORT

2017-18

Annual Report 2017-182

Data Security Council of India (DSCI) is a premier industry body on data protection in India, setup by NASSCOM®, committed to making the cyberspace safe, secure and trusted by establishing best practices, standards and initiatives in cyber security and privacy. DSCI works with the Government and their agencies, Law Enforcement Agencies, industry sectors including IT-BPM, BFSI, Telecom, industry associations, data protection authorities and think tanks for public advocacy, thought leadership, capacity building and outreach initiatives.

About

DSCI


Vision To be the premier industry body for making cyberspace safe, secure and trusted.

Objectives • Engagewithgovernments,regulators,industryassociationsandthinktanks

on policy matters through Public Advocacy

• Establish Thought Leadership through development of Best Practices,Standards and Frameworks and publication of Studies, Surveys and Papers

• BuildCapacityinSecurity,PrivacyandCyberForensicsthroughtrainingandcertification of individuals and professionals in Cybercrime Investigations through training of law enforcement agencies and judiciary

• Engage with stakeholders through various Outreach initiatives includingevents, awards, chapters, consultations and membership programs

• DevelopandmaintainanAssuranceecosystemforvalidationofprivacyandsecurity practices implemented by organizations

• Increase India’s share in the global security product and services marketthrough Global Trade Development initiatives

• AimatdevelopinganAlternateDisputeResolutionsystemindataprotection

MissionTo develop capabilities, capacities and norms, in collaboration with all the stakeholders including the government, required to advance towards a safer, more secure and trusted cyberspace

• forenhancingtradeandcommercebyincreasingglobaldataflowsandpromoting innovation;

• strengtheningnationalsecurity,

• protectingindividuals’rightsincyberspace

• addressingsuchglobalissueswhilesafeguardingnationalandindustryinterests.


Chairman Message

CEO Message

DSCI Stakeholders

Corporate Members

Programs & Initiatives

Board of Directors

DSCI in News

CONtENtS

5

6

7

8

10

39

41


In this year, DSCI continued its focus on policy advocacy, thought leadership and awareness around Cyber Security, Privacy and Data protection. Along withkeyinitiativesforIndia’scybersecuritygrowthlandscape,DSCIpavedthe way to achieve its ambitious vision of growing cyber security product and services industry to USD 35 billion by 2025. With cyber security industry development emerging as one of the key recommendations during the stakeholders meeting for strategies and priorities for future, DSCI developed a detailed roadmap and has undertaken various initiatives to enable the growth of cyber security product and services start-ups.

Given the far-reaching impact of European Union General Data Protection Regulation (EU-GDPR) compliance requirements on Indian Industryincluding IT-BPM and others, DSCI in association with NASSCOM worked through the year on Industry’s readiness.We organised several trainingsand awareness programs with global experts, and Directorate-General for Justice of the European Commission and introduced helpdesk for members and supported the industry with key action points and guidance material forGDPRimplementation.Toenhancecapacityofprivacyprofessionals inthe country, DSCI imparted several training programs for diverse sectors of industry.

G K PillaiChairman

In the past couple of years, we have witnessed India marching towards a cashless society. While the citizens are embracing the digital channels for payments, apprehensions are also rising with respect to its safety and security. Given this background, DSCI embarked upon a user awareness campaign targeting the merchants and traders and small businesses helping them understand the significance of security in the realm of digital transactions and making them aware on the basic security best practices. With the support from the primary partners including MeitY and Google India, and significant players both from the government and industry helped the campaign to amplify its reach. Focusing on the theme of Digital Payments, DSCI in association with PayPal India released a joint study– ‘SecuringIndia’sDigitalPaymentFrontiers’highlightingthecurrentstateofcybersecurity inthedigitalpayment ecosystem.

While on the one hand industry witnessed unprecedented growth in innovation and technology adoption, cyber incidentsincludingRansomwareattacksnotonlyimpactedtheindustrybutalsoaccentuatedtheimportanceofcyber security making it a strategic imperative for organisations. DSCI round the year proactively engaged with the industry members and CISO fraternity and shared advisories and guidelines and facilitated collaboration with nodal agencieslikeCERT.

The Annual Information Security Summit (AISS) in New Delhi and the Best Practices Meet (BPM) in Bengaluru served as definitive platforms for cyber security and privacy leaders in the country, both on policy, contemporary and future security technologies. Promoting excellence in security and privacy practices, the DSCI Excellence Awards, recognized organisations and individuals in the Corporate, Law Enforcement and Cyber Security Product and Services categories.

As we move ahead in this year, DSCI is geared up with several initiatives and programs and look forward to continued support of Government and our members.

CHAIRMAN MESSAGE


including emerging technologies like Artificial Intelligence, Blockchain among others have been mapped in a web based system and is ready for beta release.

Throughout the year we organised a series of workshops, seminars and round table discussions on several topics engaging diverse stakeholders. The year also marked our first edition of FinSec Conclave in Mumbai. The conference received an overwhelming response with over 300 delegates joining us at the platform.

Given the drive towards digital economy in the country, it was imperative to understand various dynamics of the digital payment ecosystem. We partnered with Paypal to study the ecosystem and released a report named ‘Securing India’s Digital Payment Frontiers’. The report covered challenges, threat landscape, global policies, regulations,standards and frameworks, prevailing in the ecosystem. With the aim to enhance trust and confidence of users and merchants engaged in making digital transactions, DSCI in association with several partners including Ministry of InformationTechnology(MeitY),GovernmentofTelangana,NationalBankforAgricultureandRuralDevelopment(NABARD),NationalPaymentsCorporationofIndia(NPCI)amongothersrolledoutanationwideeducationalandawareness program on security best practices. The content developed in form of videos and brochures in five languagesHindi, English,Gujarati, Tamil&Teluguwasdisseminated throughpartners’ channels.Anawarenessprogram for law enforcement agencies was initiated which was also well received by the audience.

DSCI also started its journey towards achieving its ambitious goal of developing India as a global cyber security hub for products and services. As we move ahead, we are excited to collaborate with existing with our stakeholders to comprehensively chart out our future course of programs and initiatives. Technology Development Board announcing a Commercialisation Program for Cyber Security, and several young product companies participating in InSpreneur, Singapore, were some of the highlights of our Industry Development efforts.

We look forward to your continued support and strengthening our hands in scaling our efforts to benefit our members and stakeholders.

The year was significant for the entire industry and ecosystem. With government ramping up its efforts towards making the nation digital, cashless and protecting it from cyber threats, we at DSCI continued to engage with stakeholders and community on advocacy, knowledge dissemination, capacity development in addition to guiding our diverse member base on protecting their IT infrastructure and advocating cybersecurity and data protection as business enabler. During the year we engaged in cyber security challenges in emerging domains like Internet of Things Security, Automotive Security, blockchain and virtual currencies. We also focussed on enhancing our capacity on cyber forensics and cybercrime investigation.

TomapIndia’scapabilitiesandcompetenciesincybersecuritydomainacrossindustry, government and academia, we undertook ‘National Technology CapabilityRepository’projecttobuildarepositorythroughextensiveprimary& secondary research. This repository will enable decision makers to identify gaps and prioritize actions on technology areas that the country should invest in. A set of 25 technology areas critical to Cyber Security capacity development in the country were identified. I am glad to report that 10 areas

Rama VedashreeCEO

CEO MESSAGE


DSCI Board has six Directors, of which four are Independent Directors. During the year 2017-18, the Board continued to have Gopal Pillai as the Chairman of Board of Directors.

RamanRoy, joined theBoard inplaceofC.P.Gurnani, Chairman,NASSCOMandAjayKumar, got appointedasSecretary, Department of Defence Production, Ministry of Defence, hence resigned as Nominee Director (MeitY) from DSCI Board. During the year, Mrutyunjay Mahapatra, DMD CIO, State Bank of India joined DSCI Board as independent Director.

The present composition of the Board is as below:

• TwoDirectorsrepresentingNASSCOM–thepresentChairmanandPresident

• FourDirectors,allbeingindependentincludingtheChairman,DSCI

the Board of Directors, as on 31 March 2018, is as below:

G. K. Pillai Chairman, DSCI

N. Balakrishnan Independent Director

A.S. Ramasastri Independent Director

Mrutyunjay Mahapatra Independent Director

Raman Roy Chairman, NASSCOM

R. Chandrashekhar, President, NASSCOM

BOARD OF DIRECtORS


DSCIunderstandsstakeholders’prioritiesandencompassestheseinitsvariedinitiatives,programsandoutreachactivities.

Our programs and strategic activities are guided by the Board of Directors. To better reflect the ever-changingcyberspace, we closely engage security and privacy experts from the industry and government, consult member companies, and experts from the chapters spread across various cities in India (Delhi, Mumbai, Pune, Bangalore, Hyderabad,Kolkata, Jaipur,Ahmedabad,Coimbatore,Chandigarh)andSingapore.Thisconsultativeprocesshelpsus meet the aspirations of our stakeholders and help in the industry development.

Some key government agencies we have been engaging through out the year are mentioned below.

StAKEHOlDERS

Cyber Security Ministries & Departments National Security LEAs Regulators

CERT-In MeitY NSCS CBI RBI

NCIIPC DoC and DoT MHA NPA TRAI

NCSC MEA Sec Agencies State Police SEBI

310IT SERVICES

60IT BPM OTHERS

59SECURITY

46 33BFSI

9 3Energy/ Oil & Gas TELECOM

CORPORATE MEMBERS (INDUSTRY)


StAKEHOlDERS

2000+ Security & Privacy Professionals

BANGALORE

450

DELHI & NCR

365 HYDERABAD

243

MUMBAI

219 CHENNAI

184

AHMEDABAD

170

PUNE

153

KOLKATTA

78 JAIPUR

67

SINGAPORE

35CHANDIGARH

31

COIMBATORE

18

CHAPTER COMMUNITY

DSCI Chapters operate in 12 cities representing over 2000 security and privacy professionals from varied Industry sectors. Members conduct regular meetings, organize educational seminars, share knowledge and discover new opportunities. Driven by voluntary association of individuals, each chapter is run by an Anchor and Co-Anchor to conduct the affairs.


PROGRAMS & INItIAtIVES

DSCI has been pro-actively engaged with the stakeholders including government and industry in building the cybersecurity agenda for the country. Enabling policy, developing the industry, nurturing and evangelizing the security product & services ecosystem to spreading awareness on cyber security imperatives while making cyberspace safe and trusted for all players remained central to all the activities carried out during the year. Few key activities carried out during the year are highlighted below.

Implementation of CStF plan – Cyber Security Product and Services Industry Development

After the formation of Cyber Security Task Force (CSTF) in 2015 that charted out a vision 2025 to grow the cyber security product and services industry to USD 35billion, one million cyber security jobs and 1000 cyber security start-ups,DSCI&NASSCOMcameupwith‘GrowingCyberSecurityIndustry-RoadmapforIndia’whichdelineatedthe path to achieve above goals and provided set of recommendations for the government to enable its necessary ecosystem. In addition to mapping global security landscape, exploring the opportunities and analysing market both from demand and supply side, the report endeavoured to identify opportunities pivotal for innovation by start-ups.

Start-ups in product and services ...gaining market traction and attracting attention of investors

Indian IT Services companies ... Scaling momentum to grow security services in global markets

MNC IT Services companies ... setting up their global consulting & operations in India

Global Security Technology Companies ... India becoming destination of product research, development and support

Niche Security Services companies ... getting recognised in the domestic and international market

User organizations and government institutions ... interest in developing security technologies and building a favourable ecosystem for their development

Global In-House Centres ... moving their security operations and engineering work to India

Cyber Security-

India's current Landscape

Cyber Security-

India's Vision 2025

~100 focused

Start-ups

~150KSecurity

Professionals

~USD 4.5-5 bn

Cyber Security market, 2017

(Overall ~USD 1.6 bn domestic market)

4 Dimensional approach

• Industry

• Technology

• Policy

• Skills

~1000 Focused Start-ups

~1mnSecurity

Professionals

~USD 35 bn

Cyber Security market

Making India a Global Hub for Cyber Security Products and Services

While scanning the cyber security industry and domestic market, many positive movements have been witnessed recently. Cited below are the identified distinct tracks of the industry development which warrant focus concerted efforts.

Cyber Security



Currently, considerable efforts are being made by the government and their agencies regulators to improve both the cyber security posture of the government organisations and overall enable the ecosystem. DSCI has started working closely with the government and industry on the enablement and implementation of CSTF Plan under seven areas including Policy, Use Case Clearing House, Export Market & branding, Domestic Market, Cluster/SIZ, Skills. These tracks were published as CSTF recommendations given as below.

• Commercialisation&transferoftechnology

• Allocatededicatedfund

• NationalCyberSecurityInnovationfund

• DeclareCyberSecurityasastrategicarea

• Establish Cyber Security clusters across India, to acceleratedevelopment of the industry.

• Promote‘BrandIndia’asahubofCyberSecurityproductandservicesthrough global cooperation and advocacy

• InstituteaUseCaseClearingHousetofacilitategrowthintheCyberSecurity products and services ecosystem, and nurture IP creation.

• CreateapoolofonemillionskilledCyberSecurityprofessionals

• Education&Awareness

– Mandate the inclusion of Cyber Security education at all levels of education

– Host state and national-level Cyber Security hackathons

• AppointCISOandreportCSinitiatives

• LaunchanationwideCyberSecurityawarenessinitiativethattargetsleadership,decision-makers and end-users across multiple sectors of the industry.

Policy

Cluster/SIZ

Export MarketBranding

UCCH

Skills

Domestic Market

Policy enablement for cyber security product organisation

Several announcements made during the year where DSCI proactively engaged with government to enable conducive policy and regulatory climate are as below:

• Preferential Market Access for Indian Cyber Security products: In furtherance to Public Procurement (Preference to Make in India) Order 2017 by Department of Industrial Policy and Promotion (DIPP), the Ministry of Electronics and Information Technology (MeitY) released a draft Preferential Market Access Policy for Cyber Security stating that procuring entities shall give preference to domestically manufactured/ produced Cyber Security Products. DSCI endeavoured in helping MeitY in Industry consultation and bringing views of all the stakeholders together.

• Waiver for Security certification by STQC (MeitY): DSCI has been working with Standardization Testing and Quality Certification (STQC) to relax cost of Security certification for Cyber Security Start-ups. A 50% feewaiveronsecuritycertificationwasannouncedbyHon’bleMinisterofElectronicsand ITduringthe


launchofCyberSwachhtaKendra.Thisrelaxationwillhelpstart-upspursuecommoncriteriacertificationfor their products at an affordable cost.

• Workshop on Cyber Security of IT Products using Common Criteria standards: To spread awareness on Common Criteria (CC) evaluation scheme, DSCI in association with STQC conducted workshops in Pune and Bengaluru where DSCI members and start-up community were invited. The workshop covered background on CC standards and global scenario, details on CC evaluation using protection profiles, industry expectation in product security evaluation, and briefing on CC certification process among others.

Start-up Evangelisation

Nurturing Indian security start-ups and products ecosystem by enabling the environment favourable for their growth both in the domestic and global markets has been a key priority for DSCI during the year.

• Cyber Security Delegation to Singapore: A delegation of Indian Cyber Security product companies was hosted at InSpreneur (India Singapore/ ASEAN Entrepreneurship Bridge) 2018, organized by the Indian High Commission in Singapore. InSpreneur held on the side lines of the Pravasi Bhartiya Divas 2018 witnessed participation of leading investors, Venture Capitals (VCs), end-user organizations, senior government officials from Singapore and ASEAN countries. Sessions on Speed Dating were conducted with Cyber Security as one of the key tracks. Three organisations were shortlisted as part of the Cyber Security track and were felicitated at InSpreneur.

At InSpreneur, CEO DSCI also presented on Cyber Security landscape and opportunities for collaboration and growth between India and Singapore.



• Accelerating Commercialisation of Cybersecurity Products by DSCI & TDB: DSCI and Technology Development Board (TDB) joined hands to create a platform to enable funding ecosystem for cybersecurity product companies to accelerate their growth. Stakeholders from the government, funding agencies and industry participated to deliberate on the importance of putting a focused effort for cybersecurity companies and carved out a future roadmap. In a workshop jointly organised by DSCI and TDB, a few start-upsdemonstratedtheir capabilitiesandexploredavenues for leveragingTDB’s commercialisationprogram as one of the funding platforms. Various funding models favourable for these companies at different stages of their lifecycle were explored and deliberated upon and opportunities were provided to be part of the future evaluation process for funding from TDB. TDB has now called for funding proposals from growth stage growth stage security star-ups in India.

• Security Start-ups interaction with Army: DSCI hosted an interactive meeting between 21 Army Signals group and start-ups to make them familiar with the evolving cyber security innovations in the country. DSCI invited start-ups to demonstrate their capabilities and explore possible collaborations. Army officials discussed few use cases and explored solution offerings.

Use Case Clearing House

DSCI has been working to institutionalise Use Case Clearing House (UCCH) with the objective to discover niche white spaces/use cases in Cyber Security domain which could accelerate innovation and product development. The structure is aimed to support the dissemination of Use Cases to researchers & entrepreneurs who are willing to develop solution and enable their adoption.

Joint Working Group on PPP for Cyber Security

In the meeting organised by the Joint Working Group (JWG) DSCI and NASSCOM presented on four key topics: Cyber Security industry development, India as a cloud hub-policy imperatives, Data Protection and Cyber Security Skills Development.

For Cyber Security industry development, DSCI presented the roadmap, and vision and imperatives of seven key tracksof industrydevelopmentsuchasCyberSecurityproductsandservices, importanceofcybersecurityR&D,GICs, etc. The group was also apprised about the projects that have been undertaken as part of larger Industry building agenda. DSCI emphasized the need for all the stakeholders to collaborate to promote Indian cyber security industry, both domestically and globally. An overview of the evolving Digital technology landscape and importance ofcrossborderdataflowstotheeconomywasdiscussedduringthemeeting.

For Data Protection, DSCI presented briefly on Data Privacy imperatives in the view of Data Protection Bill in-making. The discussion was focused on the drivers for privacy, and considerations for drafting a Data Protection Bill. DSCI presented on the Data Privacy Standard getting developed by a committee setup under LITD 17 Committee of Bureau of Indian Standard (BIS).



Technology Repository for Cyber Capabilities

Withthekeyobjectivetoidentifyandmapnation’scurrentcybercapabilitiesandcompetencies,DSCIisdevelopinga ‘National Technology repository’. The repository is aimed at helping government, academia and Informationsecurity community with comprehension of technical capabilities in the cyber domain. A set of 25 technology areas has been identified for the development of the repository, which will be shown in the form of an easy to use web application.DSCIhasworkedontechnologyareas includingInternetofThings(IoT),BlockChain,Robotics,Cloudand Virtualization, Digital Forensics, Hardware - Semiconductor and emerging technologies including Artificial Intelligence and Cryptography.

DSCI has conducted two workshops with Industry and Academia respectively to gather feedback on approach and expectations. Beta release of the portal is planned in June 2018.

Pravasi Bhartiya Divas Roundtable ‘Developing Cyber Capacity of India’ hosted by MEA

Given the backdrop of increasing cyber challenges in the digital economy, Ministry of External Affairs organised Pravasi Bhartiya Divas Session focussed on Cyber Security. The outcome and recommendations of these roundtable meeting were aimed to shape future policies and actions through final recommendations at Pravasi Bharatiya Divas2018.ChairedbySmt.SushmaSwaraj,andShri.RaviShankarPrasad,thesessiondiscussedmyriadissuesincludingglobalcyberthreats,itsmitigationandbestpractices;Roleofstate,civilsociety,multi-lateralbodiesandprivate sector in addressing cybersecurity issues; Policy inputs to build industry confidence, trust and resilience in the digital economy; PPP models for Cyber Security cooperation and innovation; Partnerships between academia, civil society including public awareness, training, skills and curriculum in universities.

CEO DSCI participated, and presented on Cyber Security Industry Development giving an overview of current Cyber Security landscape & USD35 billion vision, India advantage, cyber security imperatives of Digital India; as well as the Indian Security Product landscape and capability.

Cyber Security Framework Adoption Issues in Smart Cities to government

In the inputs submitted by DSCI to government, DSCI highlighted specific challenges in the Cyber Security framework adoption in Smart Cities. These issues span from framework adoption, detailing of cyber security functionalrequirementsinRFPs,procurementconsiderationstoenablingtheecosystemdevelopment.DSCIalsorecommended approaches for the effective implementation and global best practices for its adoption.

NASSCOM-DSCI Tech series session on Cybersecurity for SMB

NASSCOM& DSCI convened cybersecurity sessions under theme ‘SMB and Cybersecurity - Cost of ignorance?’The sessions underscored multiple challenges of SMBs & start-ups from security implementation, attracting and retaining cybersecurity skills to security governance in SMB sector. It focused on understanding the depth & breadth of challenges of SMBs and their possible solutions leveraging benefits of outsourcing.

Paper Submitted to Department of Industrial Policy & Promotion (DIPP) on Cyber Security

DSCI submitted a paper to DIPP on roadmap for enhancing cyber security infrastructure protection capabilities, along with the need to develop capacity and raise awareness at government, industry (especially SMBs), schools and colleges and citizen level.

Workshops for Technology Foresight Study for ICT Security & Financial Security

‘TechnologyForesightStudy for ICTSecurity&Financial Security’ projectwas commissionedbyDepartment ofScience & Technology(DST) with DSCI & CDAC jointly. A workshop for a wide set of stakeholders from Industry, academia, and government working in domains of Internet of Things (IoT), SCADA, Big Data, Cloud & Virtualization



& Financial Systems & Services, was organized. The objective was to deliberate on the recommendations proposed by various functional groups for the afore mentioned technology areas. The study was completed and report was submitted.

Cyber Security Technology Roadmap – 2020

CEO,DSCI,presentedon ‘CyberSecurityTechnologyRoadmap–2020’atNITIAayogWorkingGroupmeetingonDevelopment Agenda for Science & Technology Sector. Highlighting Cyber Security Imperatives of Digital India, shefocussedontheroleofcybersecurityResearchandDevelopmentandkeycapabilitiestobeprioritisedinthecountry. Various emerging technologies such as Blockchain, Cryptography, Quantum Computing, etc. were covered.

trans-border Data Flow

DSCI engaged with Department of Commerce (DoC) on policy advocacy for Cross-Border Data Flows and facilitate global trade of services.

Inputs to DoC

European Free Trade Association (EFTA) countries expert group visited India to discuss India-EFTA Free Trade Agreement (FTA) and Services Agreement where DSCI presented to DoC and other stakeholders on the need to carveoutspecialarrangementtoaugmentcross-borderdataflowsbetweenthetwogeographies.

DSCIpresented itspositionon removingbarriers to crossborderdataflows toenhance consumerprotection inRegionalComprehensiveEconomicPartnership(RCEP)e-CommercediscussionshostedbyDoC.

Interactive Session: e-Commerce, Digital Infrastructure, Trade Rules and WTO

DSCIparticipated inan interactivesessionon ‘e-Commerce,Digital Infrastructure,TradeRulesandWTO’ jointlyorganized by FICCI and Centre for WTO Studies, Ministry of Commerce & Industry, GoI. The objective of the session was to discuss the emerging opportunities and challenges for India in e-Commerce sector. The session primarily focusedontherapidgrowthofe-Commerce/DigitalTrade,India’spreparedness,DigitalInfrastructure,InternetandDevelopmentIssues,CyberSecurityMeasures,RegulatoryFrameworkandConsumerProtection,andmore.

Data Protection & Privacy DSCI has been actively working with government and Industry to advocate the need for a robust data protection framework in the country, as it is critical not only for businesses in various sectors, but also for the adoption and success of Digital India mission.

General Data Protection Regulation (GDPR)

InMay2016,EuropeanUnion(EU)adoptedtheGeneralDataProtectionRegulation(GDPR)enhancingtheoverallprivacy regime in EU so as to harmonize the practices and rules followed by its member nations – a critical step towards its objective of digital single market. These rules not only govern the organizations and data controllers inEUbutalso consider theprocesses followedbydataprocessorsoutsideEU countries.WhileGDPR regulatesthe cross-border data flows and impact the businesses of the organizations outside EU, including India, theunderstandingofGDPRincontextofIndianorganizationsisofprimeimportanceintoday’sglobalizedworld.ToimprovethepreparednessoftheindustryonGDPRimplementation,DSCIintroducedthefollowinginitiatives:



• NASSCOM-DSCI GDPR helpdesk for members:DSCIalongwithNASSCOMhavecreatedaGDPRhelpdeskfor their members which seeks to respond basic queries of members and offers general guidance as theyprepare forGDPRcomplianceanddemonstrateaccountability.Visithelpdesk:https://community.nasscom.in/community/discuss/policies/gdpr/overview

• DSCI & NASSCOM members’ interaction with EU Commission: A series of workshops was organised for DSCI & NASSCOM members with Department for Justice (DG JUST), EU Commission – responsible for EU policyon justice, consumer rightsandgenderequality.Experts fromCrossborderflowsdepartmentofDG JUSTpresentedandrespondedtoNASSCOMmembersonqueries relatedtoGDPRapplicabilityandimplementation. These workshops were organised in Delhi, Bengaluru and Mumbai.

• DSCI-Deloitte GDPR Survey: InpartnershipwithDeloitte,DSCIconductedasurveytoassesstheGDPRawareness and preparedness levels of organizations operating in India. It also aimed at finding major challenges faced by organisations against the complex implementation requirements laid down in the regulation.

The information from this empirical researchwould help develop Best Practices for GDPR Compliancethat maybe be used by organisations as a touchstone while ensuring compliance. A survey report was developed and released.

• Series of Workshops: DSCI engaged with the IT-BPM, BFSI sector and hosted series of roundtable meetings,closedoormeetings,conferencecallstoapprisethemontheimplicationsofEUGDPR.

• Chapter Meetings: DSCI hosted Chapter Meetings in different part of India to help organisations improve theGDPRpreparednessintheindustry.ThesemeetingsentailedexperiencesharingbytheexpertswhohavebeenleadingtheGDPRimplementationattheirrespectivefirms.Thefindingsandkeytakeawaysfrom various consultations held in different parts of the country, was shared with the larger group.

Workshop for

DSCI members

GDPR Guidance

Material

GDPR Webinar

Series

GDPR

Workshop with

the European

Commission

NASSCOM-

DSCI GDPR

Helpdesk

EU-GDPRAwareness

Mumbai, Delhi

NCR, Bengaluru

GDPR

Implementation-20

point action plan

GDPR Applicability

matrix

Mumbai, Delhi

NCR, Bengaluru



Justice BN Krishna Committee of Experts on Data Protection Framework for India

GovernmentofIndiaconstitutedaCommitteeofExpertschairedbyRetiredHon’bleSupremeCourtJudgeJusticeBN Srikrishna to study various issues related to data protection in India and draft a Data Protection Bill. DSCI CEO being one of the members in the nine-member committee, participated and provided inputs to the deliberations. A whitepaper was drafted and public comments were sought to shape the data protection law.

DSCI and its industry members have been advocating the need for data privacy and protection law in the country for the last several years.After the constitution of theSriKrishnaCommittee,DSCI conducted several industryconsultation meetings in different cities to solicit inputs and DSCI-NASSCOM made a combined submission on the whitepaper to the committee.

Key inputs proposed in the joint submission included the following:

1. The law should be concise, laying down guiding principles of governance, allowing for notification of rules for clarification and procedural structure, prospectively applicable to both public and private entities processing personal data in the digital environment as well as offline filing systems with a 3-year time with possibility of extension for orderly transition applicable to personal data of all Indian residents.

2. The law must permit collection of personal information based on globally recognised grounds for processing with consent being only one of the criteria, whether the information is sensitive or otherwise.

The law should recognize situations where consent or notice is counterproductive, or irrelevant for pursuing legitimate interests and justifiable reason.

3. Data minimization should not be overemphasized at this stage of the evolution of our digital economy as this can impede innovation in the age of predictive analytics and machine learning. The law should take into consideration the actual use of the data, not mere possession.

It also proposed that an organization should be obliged to provide assurance of protecting such information during processing by itself or by a data processor.

4. On encouragement to adopt best practices the paper proposed. The data protection framework should incorporate provisions that provide impetus and incentives for increasing investment and innovation in privacy and security technologies

5. Lawshouldnotinhibitthedataflowswithinandoutsidetheterritorialboundaries,rather develop a framework for enforcement that makes sure that the Data controller offers the same level of data protection irrespective of where the data is processed or resides, as is applicable to it. Data localisation should not find place in any form in this legislation.

6. A positive, structured and tiered enforcement should be put in place. For the next level of escalation, a tiered structure maybe developed by DPA, for which the DPA mayco-optotherorganisationswhichmayappropriatelyincludeSROsinadditiontoleveraging internal structures.

Sessions on Privacy for leading Bank’s management

Several sessions were organised with the management team of leading banks to apprise them on Data protection and impact of Privacy.



DSCI Certified Privacy Professional Certification Program

This yearDSCI revised thePrivacyBody ofKnowledge (PBOK)withnecessary updates in thefield of dataprivacy and conducted several training batches on DCPP© Program.

Through these trainings, participants learned global concepts of data privacy, principles, standards, data protection laws, regulations, enforcement models, trans-border data flows, privacy enhancing tools andtechnologies, etc. and certification empowered them to showcase their knowledge in the industry.

Separate batches on privacy were conducted for leading telecom & IT services organisation in Delhi and Mumbai with the objective to enhance and advance the knowledge and skills of the participants in data privacy domain. Fundamentals of privacy, major global laws and regulations in privacy protection, diverse standards and frameworks were discussed besides focusing on technological aspects that drive the need for privacy.

Training and Certification

DCPLA© Training and Certification Program

Two batches of standard DCPLA© training and certification program was conducted during the year.

Over 100 candidates from leading banks, financial institutes, telecom, IT Services, product companies participated in these programs. Over 500 candidates from more than 250 organisations are trained till now on these programs.


In an endeavor to increase the base of privacy professionals in the country, DSCI runs certification program named DSCI Certified Privacy Privacy Lead Assessor (DCPLA©) and DSCI Certified Privacy Professional (DCPP©) certification program.

While DCPP© is a credentialing program for individuals who want to start and accelerate their careers in privacy, DCPLA© training and certification program is focused on privacy professionals who want to enhance their knowledge in privacy implementation and their assessments.


DSCI submission to TRAI Consultation Paper on Privacy, Security and Ownership of the Data in Telecom Sector

DSCIconsultedandsoughtcommentsfrommembersonthe issuesraised intheTRAIConsultationpaper.DSCIreiterated and reaffirmed the need for a balanced and calibrated approach for policy formulation with regard to Security, Privacy & ownership of Data. Once the data protection law is enacted, TRAImay review the existingprovisions in the Indian Telegraph Act and licensing conditions (UAL) and issue advisories or guidelines for TSPs for protecting personal information of users.

Roundtable Discussion on Right to Privacy Online

DSCIparticipated ina roundtablediscussionon ‘TheRighttoPrivacyOnline’organisedbytheUSEmbassy.Thediscussion was held among key stakeholders encompassing government, academia, private sector and think-tanks along the central theme of online privacy and data protection in India.

Roundtable conference on Consumer Data Privacy

DSCI organized a roundtable conference in Mumbai with security and privacy leaders from Finance and other sectors. DSCI developed a whitepaper on consumer data privacy to make companies aware of the rising expectations. It deliberated on compliance expectations, data protection responsibilities, approaches evolved to address consumer privacy issues and likely policy changes that may be required in the country.

International Conference on Computer, Privacy & Data Protection 2018

DSCI CEO was a speaker at a Virtual Conference - The International Conference on Computer, Privacy & Data Protection 2018, which was held jointly in New Delhi and Brussels by Vrije Universiteit, Brussel in partnership with Intel.Withthetheme ‘EvolvingDataProtectionRegimesandGlobal ImplicationsonDataFlows’ thediscussionfocussedaroundimportanceofcrossborderdataflows,changingregulatoryregime,regulatingprivacyprotectionand its impact on the data economy.

SpeakersfromBrussels includedProf. JosephCannataci,UNSpecialRapporteurontheRighttoPrivacyRiccardoMasucci, Global Director of Privacy Policy, Intel, Michael Donohue - Senior Policy Analyst OECD, Bruno Gencarelli, Head of Data flows and Protection Unit, European Commission, Malavika Jayaram, Digital Asia Hub and IndiaincludedDavidHoffman,AssociateGeneralCounselandGlobalPrivacyOfficer,Intel,RamaVedashree,CEO,DataSecurity Council of India.

TRAI Open House Discussion

DSCIwasinvitedtobeapartoftheOpenHouseDiscussionconductedbyTelecomRegulatoryAuthorityofIndia(TRAI),with respect to the Consultation paper on ‘Privacy, Security andOwnership of theData in the TelecomSector’forwhichDSCIhadsubmittedathoroughresponse.DSCIshareditsviewsandpositionwithrespecttodatalocalisation.



While Digitization unleashes a variety of new possibilities, it also gives rise to umpteen security and privacy concerns. DSCI engaged itself in comprehensive study of the ecosystem, policies and highlighted security and privacy related challenges at multiple forums. Through nation-wide awareness program merchants and users were encouragedtoadoptbestpracticesanddosanddon’tswhilemakingdigitaltransactions.

DSCI-NASSCOM inputs on MeitY ‘Security of Prepaid Payment Instrument Rules 2017- Draft’

Ministry of Electronics and Information Technology (MeitY) released the draft rules with the objective of enhancing Security of Prepaid Payment Instruments (PPIs) and sought comments and suggestions from the stakeholders to finalize the draft. DSCI and NASSCOM sought inputs from its member organisations and submitted jointly to MeitY. In the submission DSCI, highlighted need to develop overall security framework to govern the entire ecosystem, rather than stipulating different regulatory security rules for distinctive use cases. It also articulated that standardized and streamlined security related requirements rather than multiple regulatory requirements originating from different sources, will help raise focus on security implementation. With recommendation ofdevelopingaprinciplebased framework forsecurityofdigitalpaymentecosystembyRBI, the importanceofenacting a comprehensive Privacy Law in India were the key highlights of the submission.

DSCI-NASSCOM Submission on RBI Master Directions on PPIs

The Reserve Bank of India (RBI) released Master Directions on Issuance and Operation of Prepaid PaymentInstruments (PPIs) in India and sought comments and suggestions from the stakeholders to finalize the draft. DSCI-NASSCOM analyzed the draft, consulted member organizations operating in this space and accordingly submitted theinputstoRBIforfurtheraction.Theinputshavebeenprovidedontheoverallapproachthisframeworkshouldtake, followed by section specific comments.

RBI’s Sub-Committees on Mobile Banking & Credit Card Security

DSCIhasbeenengagedwiththetwosub-committeessetupbyReserveBankofIndiaonmobilebankingsecurityand credit card security. With increasing adoption of digital payments in the country, these committees have been setuptodevelopbestpracticesanddiscussapproachesthatcanbetakenbyRBItogovernthemobilebanking/payment space and credit card transactions. DSCI contributed on various sections of the report along with other industrymembers.Boththesub-committesconcludedtheirdeliberationsandsubmittedthereporttoRBI.

Securing India’s Digital Payment Frontiers

DSCI in associationwithPayPal India released a joint study – ‘Securing India’sDigitalPaymentFrontiers’highlightingthecurrentstateofcybersecurityinthedigitalpaymentecosystem. The key objective of this study was to analyse India’s journey in digitalpayments and its cyber security dynamics, prevailing cyber threat landscape, polices, regulations, standards along with future trends and best practices at the enterprise level.


Digital Payments


KEY Recommendations

• Along-termstrategyformanagingthedynamicglobalcybersecurityenvironmentand controlling cybercrime

• Standardizationofdataprotectionlawsandcybersecurityframework

• Comprehensive regulatory guidelines on technology risk management, paymentsecurity management and business continuity management

• Mechanismforencouragingthreat intelligencesharingacrossthedigitalpaymentecosystem

• StrongstartupinnovationprogramforcybersecurityandtheFintechindustry

• Public-privatepartnershipsforcybersecurityskillsandworkforcedevelopment

• Regulatorysandboxenvironmentforcybersecuritytesting

• Incentivizing Model for companies to make cybersecurity and data protection apriority for Boards and C-Suites

Digital Payment Suraksha Campaign

DSCI in association with MeitY and Google India, launched Digital Payment Suraksha – an awareness campaign to educate end users and merchants on security and safety best practices while making digital transactions. The campaign was launched by Shri Alphons Kannanthanam, Hon. Minister of State for Electronics & InformationTechnology and Ministry of Tourism (Independent Charge) along with Shri Ajay Sawhney, Secretary, MeitY.

Awareness videos and brochures for various payment channels were created in five different languages namely Hindi, English, Gujarati, Tamil and Telugu for payment channels including Mobile Wallets, Debit & Credit Card, Online & Mobile Banking, UPI & BHIM, AEPS and USSD. The campaign was supported by Government of Telangana, NABARD,NPCI,andprivateplayerswhichincludeAirtelPaymentsBank,AxisBank,MasterCard,Paytmpaymentsbank, PayPal, Visa.

More details on https://www.dsci.in/digital-payment-suraksha/



Improving Financial Crime Investigation in Digital Payment Frauds

Awareness for Digital Payment Security and Frauds

DSCIparticipatedinapaneldiscussionon‘DigitalPaymentSecurityandFrauds’atCNBCAwaazshow‘Pehredaar’.The importance for organizations and individuals to report cyber frauds and attacks to concerned stakeholders, and need for government and industry to focus on digital payment security awareness in the country, was raised in the show.

To address the challenges pertaining to digital payment frauds, DSCI in association with Paytm Payments Bank has built a program for Law Enforcement Agencies (LEAs) to equip them with latest technology trends & skills to address consumer grievances more effectively. The joint program will help LEAs to find synergies with Payment intermediaries to understand dynamics of digital payment ecosystem and suggests best practices for investigation.

As part of the initial phase DSCI conducted workshops in Kolkata, andMumbaiexclusively for LEAs involved in cybercrime investigations.

A Pocket Guide book on ‘Cybercrime Investigation’ which would act as a quickreference to the Investigating officers was also developed as part of the initiative. The pocket book highlights best practices and contextual information required to effectively investigate cybercrimes.

This initiative would create significant impact in understanding the issues and challenges related to frauds and consumer grievances on digital payment channels.



threat Intelligence Research (ti&R)With the view to strengthening technical and research capabilities, DSCI started working towards threat Intelligence and research to build its capabilities in threat intelligence, threat hunting, malware research, exploitation research and active cyber defence amongothers. The threat IntelligenceResearch initiative is aimed at adding value tomembers through timely research.

InadditiontoadvisoriesonransomwareattacksincludingWannacry,BadRabbit,DSCIalsoproducededucationalcontent in form of newsletters, infographics, videos.

Emerging technologies Keeping up with the fast pace technological advancements, DSCI was instrumental in engaging with thestakeholders and community to bring forth discussions on Artificial Intelligence, Machine Learning, Blockchain among others while highlighting security and privacy imperatives. In addition to building community, DSCI also participated in discussions at different forums.

DSCI on boarded as cyber security advisor for Bankchain Consortium

DSCIwasonboardedas‘CyberSecurityAdvisor’ofanIndustryconsortiumonBlockchainknownasBankchain.AsadvisorDSCIwouldprovidecybersecurityrelatedadviceonBankchain’sprojects.Bankchain,consistsofIndianandsome Middle Eastern banks, and provides a development platform to its member base to develop blockchain based solutionswithusecasesonareassuchasKYC,P2Ppayments,tradefinance,etc.

Cloud Security Clarification on the Cloud Services - Guidelines for Government Department

MeitY had finalized Guidelines for Cloud Service Adoption, Service Level Agreements (SLAs) for procurement and Contractual terms. On 1st of May, MeitY again issued invitation for empanelment of Cloud Service Providers (CSPs), beyond the current list. Guidelines for Government Departments for Adoption/ Procurement of Cloud Services mentioned CSPs to get their facilities/services certified and compliant against standards including ISO 27001, ISO/IEC 27017, ISO 27018, ISO 20000, PCI DSS (based on the project requirements).

DSCI sought clarity from MeitY on whether a CSP can get third party certification against these standards or if certification by STQC is mandatory. Further to the discussion, DSCI issued a clarification to its members that required certifications like ISO 27001, ISO 27017, ISO 27018 etc. re-certification by STQC is not mandatory; third party certification will also be considered.

DSCI was also part of the Audit Criteria Committee for Cloud set up by MeitY.

Reconstitution of Cloud Working Group by MeitY

MeitY reconstituted the ‘Cloud Working Group’ under the chairmanship of Kris Gopalakrishnan. DSCI CEOparticipated in the first meeting of the working group. The working group is chartered to deliberate on the following:

• Globalstatusofcloudcomputing/serviceandapproachbeingfollowedinpromotionofcloudservices

• Statusofcloudcomputing/servicesinIndia

• Thedemandprojectionsinrespectofcloudcomputing/servicesinIndia.



• Identifyingbottlenecks (suchas infrastructure in termsofcivil structure,poweretc.) inpromotionandimplementation of cloud computing services in India.

• Toevolveaframeworkforpromotionandenablementofcloudservicesinthecountry.Theframeworkmayinvolve policy in all respect including security, privacy and investment and fiscal incentives.

• Consultationswithcloudserviceproviders.

Workshop on Cloud Data Governance & Security by MeitY

DSCI represented on Data Governance and Classification model for Cloud in Government sector. Various issues around cloud governance and data classification were deliberated along with discussion around guidelines, international best practices, strategies and techniques in the journey towards cloud adoption. DSCI also introduced the audience to a framework to help government agencies evaluate and adopt best cloud based solution.

Skill Development One of the key tracks of CSTF entails strategic focus on Capacity Building and cyber security Skills development. With the vision to create a pool of one million certified and skilled cyber security professionals by 2025, DSCI in association with SSC NASSCOM, has been working towards developing an ecosystem for skill building. A Cyber Security Career Map was developed and 10 upcoming Job roles were identified. Courseware (Student Handbook and Facilitators Guide) for five of these job roles were developed including (i) Penetration Tester (ii) Analyst-Endpoint Security (iii) Security Infrastructure Specialist (iv) Analyst-Compliance & Audit (v) Analyst-Identity & Access Management.

launch of Courseware & Skills townhall

In association with SSC NASSCOM, DSCI launched courseware on Penetration Tester, Analyst-Endpoint Security atAISS2017.ToreflectontheCyberSecurityskillbuildingecosystemofthecountry,DSCIorganisedskillstownhall on the sidelines of Annual Information Security 2017. The participants of the town hall represented different stakeholders of the skill building realm which helped bring in perspectives from the demand side as well as the supply side.

IT Assurance /

GRC

Application Security

Data Security &

PrivacyBCP/DR

Network Security

Management

IT Forensics

Incident Management

Industrial Control Security

End Point

Security

EPS Support -Desktop

(SSC/Q0905)

Security Analyst(SSC/ Q 0901)

Analyst –DR

(SSC/Q0910)

Analyst –Compliance &

Audit(SSC/Q0907)

Analyst – IR(SSC/Q0908)

Analyst –ApplicationSec.

(SSC/Q0903)

Analyst –Network Sec.(SSC/Q0902)

Forensics Specialist

(SSC/Q0922)

Threat Analyst(SSC/Q0916)

Consultant – BCP/DR

(SSC/Q0924)

Consultant –GRC

(SSC/Q0921)

Data Protectn off.(SSC/Q0915)

Consultant –AppSec

(SSC/Q0918)

ArchitectAppSec

(SSC/Q0927)

Consultant –NetSec

(SSC/Q0917)

Architect-NetSec

(SSC/Q0926)

Penetration Tester(SSC/Q0912)

Service Delivery Head

(SSC/Q0933)

Head-BCP/DR

(SSC/Q0937)

Head- GRC(SSC/Q0934)

Head, IR(SSC/Q0935)

Analyst- IOT Security

(SSC/Q0911)

Consultant, IOT Security(SSC/Q0925)

Consulting Org

Entry

Lev

elM

iddl

e Le

vel

Lead

ersh

ip L

evel

Trac

ks

Career Map for Cyber Security

Identity & Access

Management

Administrator IdAM

(SSC/Q0904)

Consultant –IdAM

(SSC/Q0919)

Architect-IdAM

(SSC/Q0928)

Security Operations

Analyst –SOC

(SSC/Q0909)

Sec. Infra. Specialist

(SSC/Q0923)

SOC Specialist(SSC/Q0930)

Head, SOC(SSC/Q0936)

CISO / CPO / CRO(SSC/Q0940)

User Org

Consulting Partner

(SSC/Q0938)

Global Head-Security Services

(SSC/Q0939)IT Services Org

Director Consulting

(SSC/Q0932)

Privacy Analyst

(SSC/Q0906)

Privacy Lead

(SSC/Q0929)

Consultant Database Protectn

(SSC/Q0920)

Architect SOC(SSC/Q0931)

6 leveL7 leveL

8 leveLF

QSN

9 leveL01 leveL

EPS Support -Mobile

(SSC/Q0913)

Analyst –Hardware sec.

(SSC/Q0914)



DSCI continued to build capacity of law enforcement, judiciary, armed forces & prosecution departments in handling cybercrime investigations through its Cyber forensics facility at Bengaluru. In addition to training and advising law enforcement agencies on cyber investigation, DSCI also provided a platform for stakeholders including judiciary, industry (IT-BPM, BFSI, oil and energy) and academia to collaborate and created awareness to effectively handle cybercrimes.

During this year, over 2100 personnel from law enforcement and judiciary through its structured five-day and short courses. Since inception, DSCI has trained over 65,000 personnel through its cyber labs.

Special activities organised during the year

• Karnataka Judicial Academy and Jammu & Kashmir Academy: Multiple sessions on ‘Legal aspect of digitalevidence’forJudges

• National Police Academy (NPA): Session on ‘Computer, Mobile & Social Media Threats in Cybercrimes & CyberSecurity’orseniorpoliceofficers

• University of Tulsa: An exclusive short course on “Invasive Embedded Device Forensics” for Senior Police officers

• City Crime Branch (CCB), Bengaluru City:Anexclusivetrainingon‘MalwareInvestigation’

• Indian Air Force:Two5-daytrainingson‘CybercrimeInvestigationTechniques’forSr.officers

• Indian & Foreign Military Officers:Multipleshortcourseson‘latesttrendsincybercrime’

• Naval Officers:Asessionon‘OverviewofCybercrimes’

• Direct Taxes Regional Training Institute (DTRTI): Session on ‘Search & Seizure of Digital Evidence & Emergingtrendsincybercrimes’

• Chief Investigation officers of Intelligence Bureau:Asessionon‘TrendsinCybercrimes’

• Canadian Global Information Technology:Guest lectureon ‘Importanceofhaving IncidenceResponseManagement Team” for Information Security team

• Telecom Regulatory Authority of India (TRAI):Asessionon‘Cybercrimes&IncidenceResponse’fortheofficials from Government department, Law firms & Educational institutions

• Uttar Pradesh (Noida) Police:Sessionon‘Cybercrimes&Cyberforensics’forpoliceofficers

• Rail Wheel Factory:Conductedasessionon‘LatesttrendsinCyberspace’forheadofdepartmentsofRailwheel factory

• Kerala Police:Adayprogramon‘Cybercrimes&Cyberforensics’

• Amazon India:Sessionon‘IncidenceHandlingTechniques’forInformationSecurityTeamofAmazon.

• Karnataka Police Academy (KPA):Workshopon‘CybercrimeInvestigationTechniques’forpoliceofficers

• Sapthagiri College of Engineering:Asessionon‘CyberSecurity’


Cybercrime & Forensics


Cybercrime Awareness Workshop for law enforcement in Mangalore & Goa

DSCI with the support form MeitY, and state police conducted Cybercrime Awareness Workshops in Mangalore and Goa. The discussions in these workshops revolved around topics including Emerging Trends in Cybercrimes, Special Session on Presentation of Digital Evidence in Court of Law, Financial Crimes, Digital Forensics, IT Amendment Act 2008, and Mobile Phone Crime Investigation among others. Over 200 Senior Police officials from respective states joined the awareness program.



Annual Information Security Summit (AISS)

DSCI successfully hosted the 12theditionofitsflagshipevent-AnnualInformationSecuritySummitAISS2017thatwitnessed participation from 853 delegates that represented 417 organizations from diverse stakeholder groups including but not limited to Industry, Government, Defence, Academia, PSUs, etc. The Summit was supported by 47 different organisations who on boarded as sponsors, partners and exhibitors and showcased their niche capabilities. An eclectic line-up of 150 esteemed speakers and a rich agenda were the key highlights of the conference which deliberated in multiple formats, pressing Cyber Security issues such as Right to Privacy, IoT Security, DigitalForensics, 5G Security, SCADA Security, Potent & Wider attacks, Future of Crimes et al.

This time around, AISS agenda offered several new features such as the Hands-on Workshop on APT Attacks & Malware Analysis, Capture the Flag Hackathon, Segamathon – Security Game Hackathon, Security debate-Bug BountyforEVMs,SkillsTownhall&AR/VRforCyberSecurityaspartoftheengagement.


Outreach and Awareness




Best Practices Meet 2017

DSCI successfully concluded its ninth edition of Best Practices Meet (BPM) in Bengaluru. BPM focused on the contemporary evolution of varied aspects of security. The evolution of technology innovation and approach to securitythrough‘CognitiveComputing’hadinspiredthisyear’sthemeas‘CognitiveSecurity’.

BPM agenda focused on the contemporary evolution in security underscoring the emphasis on adoption of cognitive and data driven technologies, techniques and solutions and discussions around the challenges were brought forth. Keytopicsdeliberatedduringthetwo-dayconferenceincludedArtificialIntelligence,MachineLearning,AutomotiveSecurity,SOCstransitioningtoCyberDefense,CybercrimeInvestigation,CognitiveRiskFrameworkandmore.

To enable focused discussions on ongoing challenges faced by the industry, DSCI organized workshops on Malware Forensics, Cyber Insurance, Data Science, General Data Protection Regulation (GDPR) Implementation, ProductSecurity & DevSecOps, Indicators of Compromise & Attacks and others. Along with some intriguing session on Privacy in Identity systems and policy expectations in Artificial Intelligence, Blockchain, encryption etc., the conference witnessed security startups showcasing cutting-edge capabilities and setting new benchmarks for innovation in India in the domain.

With 30+ sessions, 70+ speakers and 400+ participants, BPM 2017 witnessed focused group meetings, technology showcase and peer-to-peer networking from both solution providers and user organizations



DSCI Excellence Awards 2017

The seventh edition of DSCI Excellence Awards for Corporate, Product and Law Enforcement Segments was held atAISS2017.Dr.GulshanRai,NationalCyberSecurityCoordinator,GovernmentofIndiawastheChiefGuestandMr. Pramod Bhasin (Chair of Corporate Segment Jury), Founder, Genpact; Chairman Chairman, The Skills Academy, felicitated the winners.

DSCI received maximum nominations in this year with 220 entries. DSCI Excellence Awards is an effort to recognise and honour organisations and individuals for their exemplary performance in the fields of cyber security and data protection.

At the ceremony DSCI gave away awards to the winners of the corporate, law enforcement product segment. Winners of Innovation Box- Most Innovative Product of the Year, Segamathon and Hackathon were also awarded.

2017 Winners Details: https://www.dsci.in/content/dsci-excellence-awards-2017



Security Practices in Organization

Banking

IT-ITeS/BPM (MSME) Energy G2C

Insurance Critical Information Infrastructure

IT-ITeS/BPM (Large)

Special Jury Recognition Award

Privacy Practices in Organization Cyber Security Evangelists

Security Leader of the Year Privacy Leader of the Year

Bharat Panchal NPCI (Digital Payments)

Shiv Kumar Pandey BSE (CII)

Vishal Salvi Infosys (IT-ITeS)

Privacy in IT-ITeS/BPM Sector

Best Security Practices in Payments Bank

Cyber Security Research by Academic Institute

Emerging Security Leader

Privacy in User Industry

Cyber Security Services

Cyber Security Education Raising Security

Awareness


(Telecom)

Sandeep Bansal Concentrix

Corporate Segment Winners

Satish Asnani BHEL

³ÖÖ¸üŸÖßµÖ ×¾Ö–ÖÖ −Ö ÃÖÓÃ£ÖÖ −Ö



India Cyber Cop of the Year

Mr. K. E. Baiju ACP,KeralaPolice

Hackathon Winner Segamathon Winner

Innovation Box – Most Innovative Product of the Year

Excellence in Capacity Building of Law Enforcement Agencies

CID Telangana State

Team Pyramid Game I’ve been watching you

Team SpritePlay

Security Product Company of the Year

Product Segment Winners

law Enforcement Segment Winners


Industry celebrated Data Privacy Day under the aegis of DSCI

January 28 is celebrated as Data Privacy Day (DPD) across the world with the objective to sensitize individuals and disseminate awareness on privacy practices and principles. On the occasion, DSCI disseminated a message centered on privacy encouraging the organizations to adopt Wallpaper theme created by DSCI. The Wallpaper was adopted by over 150 organizations including regulators and industry in various verticals like IT-BPM, BFSI, Health care, Energy, e-commerce, and others in India and abroad counting to over 6 Lacs screens. Privacy Quiz and meetings were also organised by various organisation where DSCI participated and apprised them on privacy issues and challenges.



Global Conference on Cyber Space (GCCS 2017)

DSCIhostedaCurtainRaisereventofGCCSon‘DigitalPolicy–Keyimperatives’.‘ChangingCharacteristicsofDigitalEconomy’and‘ShiftingFocusonConsumers–Safety&Protection’werethethemesoftheworkshopsconductedduring the curtain raiser.

At GCCS, DSCI mentored a plenary session on ‘Guiding global collaborations and partnerships essential for ensuring asafeandsecurecyberspace’andconductedaparallelsessionon‘PoliciesandframeworkforprotectingCriticalInformationInfrastructure(CII)’.

Oracle Open World

CEO,DSCIpresentedatasession‘Security-Anewparadigm’attheOracleOpenWorldconferenceheldinNewDelhi.With the back drop of ambitious technology driven projects like Digital India and Smart Cities, which are primarily driven by Cloud technologies, CEO discussed new paradigms emerging in the Security domain. She highlighted theChiefInformationSecurityOfficers’(CISO’s)perspectiveonthechangingparadigmofsecurityintheworldofTechnology. She discussed security as an overarching concern for all digital initiatives and how CISOs are devising strategies and utilizing solutions to develop next gen proactive and defensive security capabilities.

Keynote in UAE Cyber Defence Summit

DSCIjoinedhandswithNASEBAasthe‘IndustryPartner’inthe10th Cyber Defence Summit conducted in UAE. CEO, DSCI,presentedon‘NationalCyberSecurityPreparedness’providingaglobalperspective.Thechangingworldofsecurity was highlighted showing the new age threats such as ransomware, DDOS attacks, and more. The global phenomena across various sectors in Critical Information Infrastructure (CII) & National Security was highlighted.

The priority areas such as CII Protection, security audits and testing of vulnerabilities, building Cyber Security Workforce, Cyber Fusion/Defence Centres was highlighted. The way forward for nations in improving their national Cyber Security was also touched upon.

Oil and Gas Digital technology Summit

DSCI presented on ‘Securing Oil & Gas Digitization Journey’ at ‘Oil & Gas Digital Technology Summit’. DSCIhighlighted the changing digitization paradigm, threats and challenges and Security in the oil & gas sector.

DSCI representation in Business World BFSI Risk & Security Summit 2017

CEO,DSCI,addresseddelegatesatBusinessWorldBFSIRisk&SecuritySummit2017inauguralsessiononBuildingDigital Trust Platform for Secure Electronic Banking, held in Mumbai. DSCI also presented on emerging technological approachofBlockChaininRiskManagement,DataSecurity.

Data Privacy & GDPR session in 10th Annual Global Conference 2017 of ControlCase

DSCIaddressedsecurityandcomplianceprofessionalsondataprotectionandGDPR.DSCIdiscussedthenuancesofdomesticandinternationalcomplianceregimesemergingdueto‘RighttoPrivacy’rulingoftheSupremeCourtandthenewEUGDPRregulation.

DSCI-CISCO Roundtable Meeting

DSCI inassociationwithCiscoconducted roundtablemeetingon ‘ChangingParadigmofCyberSecurity’.Varioustrackscoveredduringthemeetingswere‘EmergenceofPlatformSecurity’,‘Techniquesofdealingwithpotentandwiderattack’,‘TransitionofSOCstoCyberDefencecentres’andnuancesofcyberdefencecentres.Industryexpertsfrom leading critical infrastructure sector participated and contributed to the meeting.


Other Events


‘Palo Alto Networks - Cyber Security Forum’

DSCI, addressed delegates in a panel discussion on ‘Is Prevention the future of Cybersecurity?’ The session,attendedbymorethan70personnel,wasconductedat‘PaloAltoNetworks’-CyberSecurityForum’inBangalore.

Keynote address on ‘Cyber security & Malware Analysis’

DSCI,was invited as the Chief Guest in a two-dayworkshop on ‘Cyber security&MalwareAnalysis’ conductedby Oxford College of Engineering. He delivered the keynote address briefing over 250 students on the career opportunities in the field of cyber security and malware analysis.

DSCI presentation at Iot World Asia Conference

DSCI presented at the Internet of Things World Asia conference held at Singapore on July 3-4. DSCI presented on Cyber Security and privacy aspects of IoT in India’smanufacturing companies; defining Internet of Thingswithrespect to smart manufacturing sector in India and the timeline for evolution of smart manufacturing globally and in India from 2017 till 2025. The effort included the state of IoT adoption in manufacturing with the help of applicative scenarios, Cyber Security and Privacy Challenges derived from it, and countermeasures to overcome the challenges.

Cyber Security conference in Hyderabad

DSCI partneredwithNASSCOM for a conference on Cyber Resilience and Privacy Challenges under NASSCOM’sBusiness Excellence Initiative, organized in Hyderabad. It was inaugurated by CEO, DSCI and attended by over 135 participants. Agenda of the event covered various dimensions of Cyber security and privacy including preparedness in the age of fourth Industrial Revolution, Risk andResponsibility in aHyper ConnectedWorld, discussions onGDPR,InformationSharingandAnalysisforcreatingthreatintelligenceforbankingsector–initiativesundertakenbyIDRBT,PrivacyimperativesinTechnology&DataCentricInnovations.

Supplier’s Meet of Global telecom Giant

DSCI,upon invitationfromaglobaltelecomgiant,deliberated intheirsupplier’smeetontheevolutionofcybersecurity and privacy ecosystem in the country. The meeting was organized to deliberate on security and privacy risks managed by the third parties while delivering IT and Business services. DSCI interacted with suppliers and security team of the telecom giant on the evolving ecosystem for cyber security, and the paradigm change due to theSupremeCourt’sdecisiononRighttoPrivacy.

Cyber Economics session at Infosec Global 2017

CEODSCIaddressedasessionon ‘CyberEconomics:Getting theBoardonboardwithCyberSecurity’at InfosecGlobal2017inKolkata.

Participated at DigiComp 2018

DSCI presented on ‘Cyber Security of Industrial Enterprises’ at DigiComp 2018 organised by Indian Chamber ofCommerce. Topics discussed included changing Digitization Paradigm, evolving attack surface, transforming Security Paradigm, next gen cyber security elements.

Cyber Security Conclave for Financial Sector

DSCI participated in a session on ‘Challenges faced by Academia, Start-ups and Government in Creating a Cyber Security Ecosystem’ at the Cyber Security Conclave for Financial Sector organised by NITI Aayog. The sessionaimed to identify gaps in the current cyber ecosystem pertaining to capacity building and skill development of the existing workforce. The role of industry and academia in creating specialized training programmes for the existing cyber security workforce who need specific skills and specialized knowledge to address various threats was also discussed.



BFSI Cloud & Security Summit

CEO, DSCI was Guest of Honour at the 2nd BFSI Cloud & Security Summit 2018 organised by Elets Technomedia. She addressed the delegates and shared the evolving technology landscape of banking sector, their digitization journey & cyber security preparedness. She also emphasized how emerging technologies like Blockchain is being leveraged by start-ups in the banking sector.

Privacy and Data Protection at Information Security forum meet

DSCI, presented on Privacy and Data Protection, at the Information Security forum meeting of the Oil & Gas industry association, hosted by HPCL at Hyderabad. The session focussed on the developments in the privacy ecosystem of the country, with special emphasis on the upcoming Indian Data Protection Law, which would be applicable across public and private entities.

Hitachi Social Innovation Forum

CEO,DSCIwaspartofthesessionon‘BOTvsBOT;InnovationinautomatingCyberSecurity’attheHitachiSocialInnovation Forum – an initiative by Hitachi in partnership with Business today. The session focussed on the current cyber security scene in Indian context and future readiness and strategies to make security solutions even better. CEO shared her views on Cyber Security preparedness and concerns in the age of Automation and IoT.

Address on Iot Security at VIVID 2018

DSCI presented at VIVID 2018 – three-day National Meet, organised by National Informatics Centre (NIC), on IoT Security. It focussed on IoT Paradigm, New Security Paradigm, Timeline of IoT Cyber Attacks, and way forward for India.

2nd Annual Smart tech Healthcare lecture

DSCI delivered a lecture at the 2nd Annual Smart Tech Healthcare event on “Managing Healthcare Cybersecurity beyond Checkbox Compliance”.

tRAI lecture on Cybercrimes & Incidence Response

DeputyDirector,DSCI,uponinvitebyTRAI,deliveredalectureon“Cybercrimes&IncidenceResponse”.HostedbyTRAIvariousdignitariesfromtheGovernmentdepartments,Lawfirms&Educationalinstitutionsparticipatedinit.

DSCI address at Bharat Heavy Electricals limited (BHEl)

DSCI CEO addressed senior delegates of BHEL at the BHEL Crisis Management Meet on Cyber Security of the Industry4.0.DSCIalsoconductedasessionon‘MythandRealitiesinCyberSecurityofSCADA’.

Workshop on Blockchain at IIt Bombay

DSCI sponsored an advanced workshop at IIT Bombay on Blockchain: Technology, Applications, and Challenges. The workshop entailed presentations from subject matter experts from the Industry as well as Academia.



Membership Engagement To understand the challenges faced by the industry both at the organisation and sectoral level, DSCI conducted several face-to-face meetings with its members management and larger Information security teams. Few activities carried out to engage the members are mentioned below:

Cyber Security Awareness Workshop for tHDC

Two cybersecurity awareness workshops were conducted for Tehri Hydro Development Corporation (TEHRI).Oneworkshopwas conducted inTehri, for40seniorofficialsofTEHRIanda second inRishikesh, for25 seniorInformation security officials. The content covered included cybersecurity ecosystem, best practices, operation Technology security basics, incidents on Industrial Control Systems (ICS) networks, among others.

Workshop on GDPR for State Bank of India

Ahalf-dayworkshopfocusedonGeneralDataProtectionRegulation(GDPR)wasconductedforSBIastheygearuptheirreadinessgivenSBI’slargefootprintinEU.TheworkshopwasattendedbyvariousGMs,DGMs,AGMs,IThead, Compliance and risk heads, business function heads and many other senior officials.

Workshop on Privacy for HPCl

A half-day data privacy awareness workshop was conducted for HPCL at HPCL, Mumbai. The workshop was attended by various functional leaders and senior officials in HPCL. The topics covered included data privacy ecosystem, drivers, challenges, principles, regime in India and various related updates in the industry.

Workshop on ‘Demystifying Cyber Range’ for energy and Oil & Gas sector

DSCI, in association with TCG-Digital organised a workshop on ‘Demystifying Cyber Range’ for its members.The workshop focussed on giving an overview on Global Security landscape in Oil & Gas and Energy sector and demonstratingCyberRangeasaplatformforconductingvariouscyberdrillsandRedTeam&BlueTeamexercises.The workshop was well received by the 20 participants from Critical Infrastructure organisations.

Sessions for IDFC Bank

DSCI conducted a session on various topics including digital signatures, privacy, Blockchain for IDFC Bank. The session included discussions on its evolution, functioning, use cases and cyber security challenges associated with it.

Several other awareness sessions undertaken to offer value to members are following:

• SessiononGeneralTrendsinCyberSecurity,ITgovernanceandInsiderThreatsforCanaraBank

• SessiononincidenceresponseforPunjabNationalBank

• WannacryandothercyberthreatsforNationalNationalHydroelectricPowerCorporation(NHPC)

Member Consultation on DSCI Charter and priorities

DSCI conducted a consultation meeting with select invitee members on shaping its future strategy and charter. DSCI presented its journey since inception and its evolution in the past nine years. Members shared their perspectives and the brainstorming exercise was concluded with many positive takeaways. DSCI AGM – Annual General Meeting was also hosted on the side-lines of the consultation meeting.



Advisory to Members

DSCI Inputs on WannaCry Ransomware Petya’ Ransomware and Blue Whale’

DSCI-NASSCOM,acknowledgingtheglobaloutbreakon‘WannaCry’Ransomwarealertedtheindustryandissueda compilation of best practices to counter the challenge. DSCI proactively engaged with the industry, worked with leaders (CISOs/ CIOs) across industry andCERT In, and shared important information and advisory to theorganizations.

Blue Whale – DSCI also released an advisory on Blue Whale and advocated the role of parents and teachers in Internet safety.

Advisory on ‘BadRabbit’

DSCI,issuedanadvisoryon“BadRabbitRansomware”highlightingvariousdetailsoftheimpact.DSCIproactivelyengaged with the industry and shared important information to the members and community.

Community Evangelization

Mumbai Chapter Meeting

A half day chapter meeting was conducted in Mumbai hosted by AGC networks. The discussion was focused on EU GDPRimplementationandcompliancequeriesfacedbyvariousIT-ITeSandBPMorganizationsinIndia.

Cybersecurity event for Students, ‘Enigma’

Enigma 2017 – a cybersecurity event for students was conducted at the Symbiosis Centre for Information Technology (SCIT) campus, Hinjewadi, Pune. Students were apprised over the career opportunities in Cyber Security and the skills required to pursue them. Sessions with live demonstration was conducted for Denial of Service (DoS), Vulnerability Assessment and Penetration Testing (VAPT). Sessions on Blockchain, Cybercrime and challenges, and a quiz competition was conducted. Around 250+ students across 13 colleges attended the event.

Pune CIO Roundtable Meeting

DSCIPunechapterconductedaCIORoundTablemeetingtofocusoncreatingandsustaininginterestinadoptionof Smart Manufacturing. One of the major concerns in its adoption is “security and confidentiality of data” and the workshop deliberated on ways to implement secure smart manufacturing systems. Several business use cases were also discussed during the meeting.



DSCI IN NEWS


DSCI IN NEWS


CORPORAtE MEMBERS lISt

3i Infotech

3M India

4i Apps Solutions Pvt Ltd

7seas Technologies Limited

Aabsys Information Technology Pvt. Ltd.

Abzooba India Infotech Private Limited

Accel Frontline Limited

Accenture Services Pvt. Ltd.

Acclaris Business Solutions Pvt. Ltd.

Accretive Health Private Limited

Add Technologies (India) Ltd

Aditya Birla Management Corporation Pvt. Ltd

Adobe Systems India Private Limited

Adp Private Limited

Advanced Business Intelligence And Analytics Pvt Ltd.

Adweb Technologies Pvt Ltd

Aegis Limited

Airtel Payments Bank Ltd

Aks Information Technology Services Pvt Ltd

Alcatel-Lucent India Ltd

Allahabad Bank

Allerin Tech Pvt Ltd

Allianz Worldwide Partners

Alsbridge Advisory Pvt Ltd

Altimetrik India Pvt. Ltd.

Amaze Infotainment Pvt Ltd

Amdocs Development Centre India Pvt. Ltd.

Amrut Software Pvt Ltd.

Anarghyaa Etech Solutions Pvt Ltd

Anibrain Digital Technologies Pvt Ltd

Appexigo Technologies Pvt. Ltd.

Applied Materials India Private Limited

Apppoint Software Solutions Pvt Ltd

Aptech Limited

Arctern Consulting Private Limited

Aricent Technologies (Holdings) Limited

Arrk Solutions Pvt. Ltd.

Arrka Infosec Private Limited

Ascenders Technologies Private Limited

Ascent Informatics (India) Pvt Ltd

Ase Structure Design Pvt Ltd.

Asm Technologies Ltd

Aspire Software Consultancy Pvt Ltd

Aspire Systems (India) Private Limited

Atos Origin India Pvt Ltd

Attra Infotech Pvt Ltd

Aufait Technologies Pvt Ltd

Aujas Networks Pvt. Ltd.

Aurionpro Solutions Ltd

Avantha Business Solutions Ltd.

Avaya India Pvt Ltd

AvioHeliTronics InfoSystems Pvt Ltd

AXA Business Services Pvt. Ltd.

Axis Bank

Axis Veriforte Services private limited

Bahwan Cybertek Pvt.ltd

Bank of India

Barclays Shared Services

Barry-WehmillerIntl.ResourcesPvt.Ltd.

Bebo Technologies Private Limited

Bechtel India Pvt. Ltd.

Best of Breed Software Solutions India Pvt. Ltd.

Bharat Electronics Ltd

Bharat Heavy Electricals Limited

Bharat Petroleum Corporation Limited

BhartiyaReservebank

Birlasoft (India) Limited

Blue Star Infotech Limited

BNP Paribas India Solutions Private Limited

BNY Mellon Technology Private Limited

Botree Software International Private Limited

Brainyard India Private Ltd.

Brickwork India Pvt Ltd

Broadridge Financial Solutions (India) Pvt Ltd

Busy Infotech Pvt. Ltd.

Butler Technical Services India Pvt. Ltd.

CA (India) Technologies Pvt. Ltd.

Cactus Communciations Pvt. Ltd.

Callens Solutions

Cambridge Technology Enterprises Ltd

Canara Bank

Canon India Private Limited

Capgemini Business Services (I) Ltd

Capita India Private Limited

Cdk Global (India) Private Limited

Cegura Technology Solutions Pvt Ltd

Central Bank of India

Centre for Development of Advanced Computing (C-DAC)

Centre For Development Of Telematics

CertiSafe Private Limited

CGI Information Systems and Management Consultants Pvt Ltd

ORGANISATION



Changepond Technologies

CIBERsitesIndiaPvtLtd.

Ciena India Private Ltd.

CipherCloud India Pvt. Ltd.

Cisco Systems India Pvt. Ltd.

Clickcubes Technologies Private Limited

Cnergyis Infotech India Pvt. Ltd.

Codelogicx Technologies Private Limited

CognetHRSolutionsPvtLtd

Cognizant Technology Solutions India Pvt. Ltd.

Collabera Technologies Pvt Ltd

Colt Technology Services India Pvt. Ltd.

Compserv Consultants Private Limited

Compunnel Technology India Pvt Ltd

Concentrix Bpo Pvt Ltd

Conduent Business Services India LLP

Congruent Solutions

Connectm Technology Solutions Pvt. Ltd

Convergys India Services

Couth Infotech Pvt. Ltd.

CPA Global Support Services India Pvt. Ltd.

CSC Technologies India Private Limited

CSS Corp Pvt Ltd

CtrlS Datacenters Ltd

Curaksha

CyberSecurityKnowledgeSharingandResearchCouncil

CyberArmour Solutions Pvt Ltd

CyberEyeResearchLabs&SecuritySolutionsPvt.Ltd.

Cybertech Systems And Software Ltd.

Cygnet Infotech Pvt. Ltd.

CygNET Systems Pvt. Ltd

Cyient

Da4KTechnologiesPvt.Ltd.

Data Infosys Ltd.

DataResolve

DataResolveTechnologiesPrivateLimited

DataCard India

Datamatics Global Services Limited

DBOI Global Services Pvt. Ltd.

DBS Bank

Delgence Technologies Private Limited

Dell International Services India Pvt. Ltd.

Deloitte

Dimentrix Technologies Pvt. Ltd.

Drishti-Soft Solutions Pvt Ltd

DST worldwide Services

Eastern Software Systems Pvt Ltd

eCore-Agile Security Services Pvt Ltd

e-Emphasys Infotech Pvt. Ltd.

Elagoon Business Solutions Private Limited

Electronic Arts Games (India) Pvt Ltd

ELOGIC Technologies Private Limited

eMids Technologies Pvt Ltd

Engineering Projects (India) Ltd

Envestnet Asset Management India Pvt Ltd

e-Nxt Financials Ltd

Eperium Business Solutions India Pvt. Ltd.

Equinox Software & Services Pvt Ltd

ERPBoss

Espresso Technologies Pvt. Ltd

Etisalat Software Solutions Pvt Ltd

Evalueserve.Com Pvt. Ltd.

ExcellenceTech(ADivisionofKariwalaIndustriesLtd)

EXL Service

Expedien e-Solution Limited

e-Zest Solutions Ltd

Fareportal India

Fidelity Business Services India Pvt. Ltd.

Financial Technologies (I) Ltd

First Advantage Pvt. Ltd.

First American (India) Pvt. Ltd.

Firstsource Solutions Limited

FIS Global Business Solutions India Pvt. Ltd

Fiserv India Pvt Ltd.

FixNix Infosec Solutions Private Ltd.

Flipkart Internet Pvt. Limited

Fluxonix Security Solutions Pvt. Ltd.

FNF Business Process Outsourcing Services India

Fourth Dimension Solutions Ltd

Fourth Wall Technologies Private Limited

Franklin Templeton International Services (India) Pvt

Fusion Outsourcing Software Pvt. Ltd.

Future Calls Technology Private Limited

Future Focus Infotech Pvt Ltd

GAIL

GCC Services India Private Limited

GE Digital

Genpact

Geometric Limited

GlobeOp Financial Services (India) Private Limited

GMO GlobalSign Certificate Services Pvt. Ltd.

ORGANISATION


Goods and Services Tax Network

Graycell Technologies Exports

Gujarat Informatics Limited

GuruGowriKrupaTechnologiesPvtLtd

H5 Asia Pacific Pvt. Ltd.

Hackett Group (India) Limited

HaltDos Pvt. Ltd

HCL Technologies

HCM Info Systems

HDFC Bank

Health Dynamics Solution Pvt Ltd

Helios and Matheson Information Technology Ltd

Hero MotoCorp

Hewlett-Packard Enterprise India Pvt Ltd

Hexaware Technologies Ltd.

Higher One Financial Technology Pvt Ltd

Hinduja Global Solutions Limited

Hindustan Petroleum Corporation Limited

Hi-Tech iSolutions LLP

Holistic Corporate Services Pvt. Ltd.

Honcho Commercial Pvt Ltd

Honeywell

HSBC Electronic Data Processing India Pvt. Ltd.

HTC Global Services (India) Pvt Ltd.

Huawei Technologies India Pvt Ltd

Hughes Systique India Private Limited

Hyperquality India Pvt. Ltd.

HyTech Professionals India Pvt Ltd

I2K2networksPvt.Ltd

i3 Software Pvt Ltd

i7 Networks

iAccept Softwares Pvt Ltd

IARMInformationSecurityPVTLtd

IBM India Pvt. Ltd.

IBS Software Services Pvt. Ltd.

ICICI Bank

ICICI Prudential

Ideas Inc Management Pvt Ltd

IDFCBANK

IDG Ventures India Advisors Pvt. Ltd.

IDS Infotech Ltd.

Iic Technologies Private Limited

Iinterchange Systems Pvt. Ltd.

iMetrix Solutions Private Limited

Indian Oil Corporation Limited

Indus Net Technologies

Indus Valley Partners (India) Pvt. Ltd.

Indusa Infotech Services Pvt. Ltd.

IndusInd Bank

Infinite Computer Solutions

Infinity Infotech Parks Limited

Info Edge (India) Limited

InfoBeans Systems India Private Limited

Infosoft Global Private Limited

Infosys BPM Limited

Infosys Limited

Infozech Software Ltd

Infrasoft Technologies Limited

Infrastructure Leasing & Financial Services Limited

Inlogic Bizcom Pvt. Ltd.

Innefu Labs Private Limited

InnobuzzKnowledgeSolutionsPvt.Ltd.

Innodata Isogen

Insoft.Com Private Limited

InstituteforDevelopment&ResearchinBankingTechnology(IDRBT)

Integra Software Services Private Limited

Intelenet Global Services Pvt Ltd

Inteliment Technologies (India) Pvt Ltd

Intense Technologies Limited

InterGlobe Technologies

Interra Information Technologies (I) Pvt. Ltd.

Invesco (Hyderabad) Private Limited

IonIdea Enterprise Solutions Pvt Ltd

Irevna,adivisionofCRISIL

ITC Infotech India Limited

ITCube Solutions Pvt. Ltd.

Ivy Comptech Pvt Ltd

iYogi Technical Services Pvt Ltd

Jeevan Technologies India Private Limited

JIJI Technologies Private Ltd

JKTechnosoftLtd

KaalbiTechnologiesPrivateLimited

KaavianSystemsPvt.Limited

KarvyDataManagementServicesLimited

KarvyGlobalServicesLimited

KensoftInfotechLtd

KotakMahindraBank

KPITTechnologiesLtd

KPMG

KumaranSystemsPvt.Ltd.

L&T Infotech

ORGANISATION



Legasis Services Private Limited

Lexington Soft Pvt Ltd

LIC of India

Limtex Infotech Limited

Liqvid eLearning Services Private Limited

Lister Technologies Private Limited

Logic Heart Pvt Ltd

Mafiree

Magic Software Pvt. Ltd

Magnasoft Consulting India Pvt. Ltd.

Magus Customer Dialog Pvt. Ltd.

Maintec Technologies Pvt Ltd

Makemytrip India Pvt. Ltd.

Manipal Global Education services Pvt Ltd

Mastercard

Masys Technologies LLP

Maven Systems Private Limited

Mcafee Software (I) Private Limited

Multi Commodity Exchange of India Limited

Medimanage Insurance Broking Pvt Ltd

Medma Infomatix Pvt Ltd

Metacube Software Pvt. Ltd.

MetLife Services East Pvt Ltd

Micro Focus Software India Private Limited

Microland

Microsoft Corporation (India) Pvt. Ltd.

Midland Credit Management India Pvt. Ltd.

Mindcrest (India) Pvt. Ltd.

Mindteck (India) Ltd

Miramed Ajuba Solutions Private Limited

Misys Software Solutions (I) Pvt Ltd.,

Mjunction Services Limited

Morgan Stanley

MothersonSumi Infotech & Designs Ltd.

Motif India Infotech Pvt. Ltd.

MphasiS Ltd.

Mresult Services Private Limited

Mynd Solutions Pvt. Ltd.

National Payments Corporation of India

Neeyamo Enterprise Solution PVT LTD

Net Solutions

Net Vigil Software Private Limited

NetApp India Pvt. Ltd.

Netmagic Solutions Pvt. Ltd.

NetMonastry Network Security Pvt. Ltd

Netscout Systems Inc.

Newage Software and Solutions

nhance Engineering Solutions Pvt. Ltd.

NHPC

Nihilent Technologies Pvt Ltd

NIHON Technology Pvt ltd

NII Consulting

NIIT Technologies Ltd.

Nishith Desai Associates

Nomura Services India Pvt Ltd

Northern Operating Services Private Limited

Nous Infosystems Pvt Ltd

Novartis Healthcare P Ltd.

Ntrust Infotech Pvt. Ltd.

NTT Data Global Delivery Services Limited

Nucleus Software Exports

NVIDIA Graphics Pvt Ltd

Object Edge India Services Pvt Ltd

Octaware Technologies Pvt Ltd

Oil and Natural Gas Corporation

Oil India Limited

Omnitech Info Solutions Ltd.

One97 Communications Limited

Ontrack Systems Limited

Onward Technologies Ltd.

Opton Infocom Pvt Ltd

Optum Global Solutions (India) Private Limited

Oracle India Private Limited

Orbis Financial

Orbital Outsourcing Services

Orion Security Solutions Private Limited

Orkash Services Pvt Ltd

Oxygen Consulting Services Private Limited

Pan Business Lists Pvt. Ltd.

Panamax Infotech Limited

Panoramic Universal Limited

Parablu Systems Private Limited

Paripoorna Software Solution Service Pvt. Ltd.

Pawaa Software

Payoda Technologies Private Limited

Paypal India Limited

Persistent Systems Limited

PHi Business Solution Ltd

Pinnacle Infotech Solutions

Pintney Bowes Software India Private Ltd

Plintron

Pradot Technologies Private Limited

ORGANISATION



Pratham Software Pvt Ltd

PricewaterhouseCoopers Pvt Ltd

Principal Global Services

Protiviti Consulting Private Ltd

PTC Software (India) Pvt. Ltd.

Punjab National Bank

Pvt Ltd

Quadrisk Advisors Private Limited

Qualtech Consultants P Ltd

Quest Informatics Private Limited

QuisLex Legal Services Pvt. Ltd

RSystemsInternationalLimited

RackbankDatacentersPrivateLimited

RanceComputerPvtLtd

Ratnakarbank

RedsparkTechnologiesPvtLtd

RelianceJioInfocommLtd.

RightwaySolution(India)Pvt.Ltd.

RMEducationSolutionsIndiaPvt.Ltd.

RobertBoschEngineeringandBusinessSolutionsPrivate Limited

RoltaIndiaLtd.

RudrabhishekInfosystemPvtLtd

S Capital Solutions Pvt Ltd

Saama Technologies (India) Pvt. Ltd.

SAG Infotech Private Limited

Sahara Net Corp Ltd.

Saigun

SaltLake Institute of Engineering & Management Limited

Sankhyaa Learning Pvt. Ltd.

Sanovi Technologies (India) Pvt. Ltd.

Sans Institute

Sapient Corporation

Sapple Systems Private Limited

Sasken Technologies Limited

Saslab technologies Pvt Ltd

SBL knowledge Services Limited

SDG Software India Private Limited

SEAL Infotech Pvt Ltd

SecPod Technologies Pvt. Ltd.

Security Brigade InfoSec Private Limited

Securonix

Sella Synergy India Private Ltd

Serco BPO

Shriram Value Services P Ltd

Siddaganga Institute of Technology

Sigma Infosolutions Limited

Simeio Development Center Pvt. Ltd.

SISA Information Security Pvt Ltd

Skillmine Technology Consulting Pvt. Ltd.

SLKSoftwareServicesPvt.Ltd

Smart Chip Limited

Smart Cube India Private Limited

Snap-On Business Solutions India Pvt. Ltd.

Societe Generale Global Solutions Center

Soft Prodigy System Solutions Pvt. Ltd.

Softage Information Technology Limited

Software Associates

Software Technology Parks of India

Sonata Software Ltd.

Sony India Software Centre

SQS India Ltd

SSP India Private Limited

State Bank of India

Steria (India) Limited

Steria (India) Ltd

Stern Advisory (India) Pvt Ltd

Suma Soft Private Limited

Sumeru Software Solutions Pvt. Ltd

Summit Information Technologies Pvt ltd

SunKnowledgePrivateLimited

Sun Life India Service Centre Pvt. Ltd.

Sundaram Infotech Solutions Limited

SunGard Solutions (India) Pvt Ltd

SunTec Business Solutions

SWIFT INDIA

SwissReSharedServicesIndiaPvtLtd.

Symbiosys Technologies

Symbol Technologies, A Motorola Company

Symphony Teleca Corporation India Pvt Ltd

Synchrony International Services Pvt Ltd

Syntel, Inc.

Synygy India Pvt. Ltd.

Systems Valley Pvt. Ltd

SysTools Software Private Limited

Take Solutions

Talisma Corporation Pvt. Ltd.

Tally Solutions Private Limited

Target Corporation India Private Limited

TASEC Limited

Tata Communication

ORGANISATION



Tata Consultancy Services Limited

TaurusQuest Services Private Limited

Tavant Technologies

Tech Mahindra Ltd.

Techies India Inc

Techindia Infoway Pvt Ltd

Technoforte Software Private Limited

Technology Nexus Secured Business Solutions AB

Techsys Solutions Pvt. Ltd

Tek Cube Private Limited

Telemune Software Solutions Pvt. Ltd.

Telerad Tech Pvt Ltd

Telesoft Technologies Ltd

Tesco HSC

Tesseract Consulting Pvt Ltd

Texas Instruments India Pvt Ltd

THDC Ltd

ThomsonReutersInternationalServicesPvtLtd

Tibco Software India Pvt Ltd

Tieto Software technologies Pvt

Topsource Global Solutions

Trigyn Technologies Ltd

UBS (India) Pvt Ltd

Ugam Solutions

Ujjivan Small Finance Bank Limited

Unisys Global Services - India

Unitforce Technologies Consulting Pvt. Ltd.

Unleash Networks

UTV Software Communications Limited

Valency Networks

ValueLabs

Vaneera HI-TECH

Verisign Services India

Verizon Data Services India Pvt. Ltd.

VFS Global Services Pvt Ltd

Vidyatech Solutions Pvt. Ltd.

Vijaya Bank

Vinove Software & Services Private Limited

Virtusa Consulting Services Private Limited

VirtusaPolaris (Virtusa Consulting Services Pvt Ltd)

VISA Consolidated Support Services(India) Pvt Ltd

Vodafone

Volvo India Private Limited

Web Access (I) Pvt. Ltd.

Webrosoft Solutions Pvt Ltd

Wells Fargo India Solutions Pvt Ltd

Williams Lea India

Winsoft Technologies India Pvt Ltd

Wipro Limited

WNS Global Services Pvt. Ltd.

World Vision India

Xiarch Solutions Pvt Ltd

Xpanxion International Pvt. Ltd

Xplore-Tech Services Pvt Ltd

XSYSYS TECHNOLOGIES PVT.LTD.

Yamaha Motor Solutions India Pvt. Ltd.

YaraGo Software Private Limited

Yes Bank

Yodlee Infotech Private Limited

Zscaler Softech India Pvt. Ltd.

ORGANISATION




DATA SECURITY COUNCIL OF INDIA

3rd Floor, NASSCOM Campus, Plot 7-10 Sector – 126, Noida, 201303, UP

This publication is available at www.dsci.in. Please contact us at [email protected] for any query regarding this publication.

Blog blogs.dsci.in

LinkedIn Data Security of India

Twitter DSCI_Connect

Facebook DSCI.Connect

YouTube dscivideo

Date post:	25-Jun-2020
Category:	Documents
Upload:	others
View:	0 times
Download:	0 times

ANNUAL REPORT - Data Security Council of India · 2 Annual Report 2017-18 Data Security Council of...

Documents