This month, we have been bringing you exclusive coverage of cybersecurity in India, with a focus on the application of technologies like AI to help companies assess threat landscapes better and devise nimble solutions in an age marked by rapid digitization and migration to cloud services. The coverage would be remiss without highlighting the role of the Data Security Council of India (DSCI) – a not-for-profit organization set up by NASSCOM with a mission to make the cyberspace secure and safe – by establishing best practices, standards and initiatives in cybersecurity. The organisation is led by Rama Vedashree.

We caught up with Vinayak Godse, Vice President of DSCI, who outlined the scope of work DSCI covers in India, the strategic industry and bureaucratic relationships it has built over a decade to foster meaningful engagement and more recently, supporting the industry’s pivot to a new era in cybersecurity in a post COVID19 world.

A 360-degree approach to building an ecosystem

DSCI has a membership model with ‘user organisations’ that seek to implement the most appropriate security systems especially in current times of multi-functional digitization, says Godse. “Initially, we used to see a lot of traction from BFSI companies but today, memberships from healthcare, pharma, oil & gas, transport among other sectors have increased. The membership definitely extends beyond Indian IT,” he says.

As a result of this horizontal expansion across sectors, many of which are relatively new to implementing cybersecurity practices, DSCI works closely with CISOs and even CIOs across India. This, Godse believes, is an important development in the ecosystem as cybersecurity is soon becoming a key priority for senior management, and his team works with a network of security leaders to help them understand industry developments and recommend appropriate courses of action to fortify organizational security measures. DSCI is also engaging with board members of member companies and senior executives as a comprehensive view of security threats impacts the entire chain of command. This was especially evident in the past year, as organisations rallied together to manage the sudden but necessary shift to remote work and plan a seemingly uncertain way ahead in the future for survival. “Security is now a competitive need and advantage for businesses, and requires a coordinated approach. We’re accelerating our efforts to bring together CISO leadership for this,” explains Godse.

A key element of a 360-degree engagement model is the relationship with key policy makers and government bodies like MeitY, Ministry of External Affairs, the National Cyber Security Coordinator's Office (NCSC) and Ministry of Home Affairs. “Today’s national security landscape has moved past the battlefield and extends into the vast cyberspace that’s limitless. Diplomatic ties too have a cybersecurity angle,” explains Godse. Here, DSCI’s engagement pertains to making recommendations and suggesting policy measures that directly impact national security and diplomatic relations.

Working with key government bodies is however not restricted only to maintaining diplomatic ties in a cyber-first world – this bridge is also crucial for developing policies and frameworks for the startup ecosystem in India. DSCI has 13 chapters across India, and engages with 3,000+ cybersecurity professionals who help lay the groundwork for startups to thrive in developing cybersecurity solutions. Recently, the Singapore chapter was launched with the express intent of exchanging knowledge and resources on global best practices in cybersecurity.

In addition, this endeavour is supported by NASSCOM’s own flagship startup outreach programmes like 10,000 Startups and NASSCOM Product Connect. Focusing on opportunities within the cybersecurity domain, market development and strategic startup engagement has been significant in the past seven years for DSCI. This has resulted in the establishment of two CoEs – a National CoE for Cybersecurity Technology Development & Product Entrepreneurship and a Cybersecurity CoE in Hyderabad. Given the growing synergy between industry and academia, DSCI has also fostered strong relationships with 23 premier research institutes like IIT Delhi, IIT Kanpur and IIT Kharagpur, to boost R&D capabilities.

Certification and Training Programmes - The Next Level For DSCI

DSCI is also heavily invested in training and certifying industry professionals, which was one of the organisation’s main goals since inception in 2008. “While we consult and advise on privacy and security, we also wanted to build competencies in these two areas, which are still greenfield subjects,” says Godse. This led DSCI to set up industry level aggregation programmes like the DSCI Security and Privacy Framework and DSCI Privacy Lead Assessor Programme in 2014. So far, DSCI has trained 1,000 + professionals who are now working with several user organisations, Global Capability Centres (GCCs) and MNCs. “The successful rollout and training exercises in industry-relevant certifications gave us confidence to guide and educate the industry on emerging best practices,” says Godse. Eventually, DSCI started the DCPP Certification Programmes for those with under three years of experience, with an appreciation for cyber security and related policies – a step towards engaging more than just cyber security professionals in knowledge enhancement. This led to an interest in the CIO community that DSCI engages with closely, to develop a similar module – DSCI then rolled out the Cyber Security Strategy Training and Certification for CIOs, which has already certified 350+ CIOs in India and hopes to add more. Given how complex and multi-functional systems are becoming, it has become important for continuous learning in developing defenses – this led DSCI to start a credit-based certificate course called DSCI Certified Cyber Security Solution Engineer, whose first cohort recently concluded and garnered a positive response. “We are now playing a strategic role in training and certification in cybersecurity,” says Godse. 

Cybersecurity in a post COVID world & the role of AI

The past year has been a time of unprecedented growth for cyber startups, noted Godse, who also added that technologies like AI will be even more relevant to assess these new threat actors, identify patterns and detect anomalies in defense systems in seconds. “In a highly interconnected age with hyper Internet speeds, there is also the rising need to be more aware and alert as the nature of threats too have become sophisticated. This is where AI can make a significant difference,” says Godse. This week, DSCI launched its latest report India’s AI/ML Cybersecurity Capabilities, which presents the main capabilities of India’s cybersecurity industry while driving innovation using AI.

As we re-strategise for a post-COVID19 world, there are many variables to consider – the acceleration in digital adoption, a hybrid working model away from conventional perimeter security and a rapid migration to cloud services. These open a plethora of new cyber threats and risks, giving rise to new use cases for startups and solution providers to solve. And DSCI is already charting its strategy to counsel and support India Inc., in the wake of this new realm in cybersecurity. 

Want to publish your content?

Publish an article and share your insights to the world.

ALSO EXPLORE

DISCLAIMER

The information provided on this page has been procured through secondary sources. In case you would like to suggest any update, please write to us at support.ai@mail.nasscom.in