social share alt icon

Data Security Council of India Opens Corporate Office in Delhi
October 16, 2007

The Data Security Council of India (DSCI), an independent self regulatory body conceptualized and initiated by NASSCOM for the Indian IT industry, has opened its corporate office in New Delhi at Niryat Bhawan, Rao Tula Ram Marg. DSCI also announced that its steering committee is now in place and functioning.

The DSCI steering committee, headed by Jerry Rao, Chairman, MphasiS will look at defining and taking the mandate forward with various stakeholders. The committee comprises 21 members who are drawn from a mix of Indian and MNC companies, security experts from academia and research bodies and government agencies.

In the first meeting held in September, the following priorities were identified and sub groups set up that will drive each of these mandates:

-

understanding the current security status and the interest of organizations

-

business model for the DSCI

-

draft model contract templates, which can be used by SMEs


NASSCOM had announced the setting up of the DSCI in April 2007, a self regulatory body that will strengthen the regulatory framework and further improve India's attractiveness as an outsourcing destination. Headed by Shyamal Ghosh as its Chairman, the DSCI will establish, popularize, monitor and enforce privacy and data protection standards for India's ITeS-BPO industry. Ghosh will be leading the effort of setting up the SRO functionally and structurally with the able support of Nandkumar Saravade, Director-Cyber Security and Compliance, NASSCOM.

"Today's occasion marks an important step towards the DSCI's mission of ensuring that the Indian Information Security environment benchmarks with the best across the globe. As the Indian IT industry continues on its growth path towards maintaining its global IT super power status, it becomes pertinent that we raise the bar in setting up a best practices framework for data security, privacy, conduct and ensuring its adoption by one and all," said Shyamal Ghosh.

"With the support of NASSCOM and industry partners we hope to achieve the DSCI's aim of providing a protected environment for data and privacy for IT and ITeS sector in India in order to maintain our leadership position in the global outsourcing arena," added Ghosh.

The key objectives of the DSCI are:
-

To enable Indian IT/ITeS organizations to provide high standard of security and data protection by adopting the best practices.

-

To develop, monitor and enforce an appropriate security and data protection standard for the Indian IT/ITES industry that would be adequate, cost effective, adaptable and comparable with the global standards.

-

To build capacity to provide security certification for organizations.

-

To create a common platform for promoting sharing of knowledge about information security and foster a community of security professionals and firms.

-

To create awareness among industry professionals and other stakeholders about security and privacy issues.


The DSCI shall function as an enabler to the IT and ITeS industry to grow at a rapid pace by facilitating the adoption and enforcement of the prescribed security standards and best practices. It plans to undertake the following activities.
-

Awareness through Security Forums: Creation and functioning of Security Forums throughout the country for creating awareness among the involved entities and individuals about the importance and measures for data protection.

-

GAP analysis: Analyzing the existing standards and best practices adopted by the industry in India and industry at the international level.

-

Devising standards and best practices: Consolidating, devising and enforcing ethical standards and best practices in line with international standards for creating a secured environment for data in India that would be cost effective and easily adoptable.

-

Research: Carrying out research in the field of data privacy and protection in the context of Indian situation.

-

Conferences: Organizing national and regional conferences on data security issues.

-

Certification: Certifying the companies who adopt the standard proposed by the DSCI.


NASSCOM said that keeping in view the broad objectives, the DSCI would be a credible and committed body for upholding an effective data privacy and security standard in India, thereby enabling member companies with competitive edge to sustain their rate of rapid growth.