Home » Interview » About Data Security Council of India (DSCI)

About Data Security Council of India (DSCI)

Data Security Council of India (DSCI) is a premier industry body on data protection in India, setup by NASSCOM®, committed to making the cyberspace safe, secure and trusted by establishing best practices, standards and initiatives in cyber security and privacy. DSCI brings together national governments and their agencies, industry sectors including IT-BPM, BFSI, Telecom, industry associations, data protection authorities and think tanks for public advocacy, thought leadership, capacity building and outreach initiatives.

To further its objectives, DSCI engages with governments, regulators, industry associations and think tanks on policy matters. To strengthen thought leadership in cyber security and privacy, DSCI develops best practices and frameworks, publishes studies, surveys and papers. It builds capacity in security, privacy and cyber forensics through training and certification program for professionals and law enforcement agencies and engages stakeholders through various outreach initiatives including events, awards, chapters, consultations and membership programs. DSCI also endeavours to increase India’s share in the global security product and services market through global trade development initiatives. These aim to strengthen the security and privacy culture in the India.

 These are the traditional ways to look at security threats and how to fight them.

But with the advent of newer technologies, newer ways to do business and of course, newer opportunities for threats, the whole concept of IT security takes up a new paradigm. It is a tough world now, with every innovation upping the cost of security, every new application adding to the threat, says Aditya Bhatia, Sr. Analyst, DSCI, in an interview with itVARnews.

1. What are the top three trends you see in data, application and network security?
Data Security:

  • Data Security is evolving to treat data as an asset that is becoming pervasive across traditional data silo boundaries on-premises and in big data platforms and public clouds.
  • Hacking, data residency and compliance issues are challenging the implementation of data-centric security policies.
  • Deployment of encryption continues to rise and its deployment is steadily shifting from a tactical to a strategic activity with some organizations having an enterprise wide encryption strategy.

Application Security:

  • Several large enterprises will leverage mobile application development platforms to develop and deploy mobile apps across their organizations in 2015. Enterprise app stores are also expected to emerge this year allowing B2B application exchanges. Enterprise mobile management is also expected to grow in 2016. There will be a tremendous opportunity for app developers to work on building and managing applications for Enterprise markets
  • The application security market space evolves to become an enabler of enterprise security intelligence (ESI).
  • Cloud-based interfaces, mobile applications, rich internet applications and dynamic programming languages are emerging priorities.
  • At a vertical level, application security is emerging as a standalone service category in its own right. It can be bundled with other security services, particularly alongside data loss prevention and access control. For customers that do not have dedicated in-house security experts, this type of bundling is preferred. Another vertical option is to sell it as part of an enhanced unified threat management (UTM) service.

Network Security:

  • There has been a long history of cyber-ransom activity, however, coming time will break new ground whereby nefarious groups will take digital assets or services as hostage and commandeer these services until certain demands are met, financial and beyond.
  • Network Security Policy Management solutions have evolved into more comprehensive suites in an attempt to solve a broader set of challenges.
  • The first half of 2015 is off to a fantastic start for network security, with the top four vendors—Cisco, Check Point, Fortinet and Palo Alto Networks—posting double-digit growth in 2Q15 from the year-ago second quarter. Revenue for data centre and carrier appliances ($30,000 and up) and virtual security appliances is forecast by IHS to grow 42 percent from 2015 to 2019.

2. What innovations do you see for APT?

APT-style attacks have drawn worldwide attention. The problem is evident in many nations and industries with security researchers reporting an upsurge of use by not only organized crime syndicates but also actual government agencies involved in traditional espionage using advanced persistent threats.This year will not just be characterized by an increase in the number of APT attacks, but it will also note a slight change in possible targets and technology used. An interesting research by Kaspersky Lab’s Global Research and Analysis Team (GReAT) has highlighted how the growth of cloud technology and its use have actually given APT hackers another way to attack systems and hide more effectively between the cyber-folds.

3. With IoT / M2M and mobility getting stronger, is the threat increasing?

Internet of Things (IoT) device revenue growth of almost 30% will create new vulnerabilities and security demands relating to both physical and digital environments. The expected convergence of IoT security and information security technologies, along with increased regulatory activity directed at protecting critical infrastructure, will drive demand for integrated threat intelligence capabilities, including IoT-related threat data feeds.

4. Managed security services-are they more cost effective?

The cost of a managed security service is typically less than hiring in-house, full-time security experts. An MSSP is able to spread out the investment in analysts, hardware, software, and facilities over several clients, reducing the per client cost. Also, managed security services providers have teams of security professionals focused exclusively on identifying potential malware and monitoring thousands of clients’ networks for precursors to denial-of-service attacks.That’s why it makes sense to engage the services of a managed security services provider, as they have this depth and breadth of insight.However, in order to balance the tough challenges presented by escalating threat evolution and security tool complexity, MSSPs need to be innovative. Businesses, traditionally slow at outsourcing critical information, are moving to outsourced IT security strategies.

Check Also

How GCCs are Now Driving Innovation and Strategic Value in Global Organizations

How GCCs are Now Driving Innovation and Strategic Value in Global Organizations

India’s GCCs have undergone a remarkable evolution, shifting from traditional cost-centric roles to becoming critical …

Do NOT follow this link or you will be banned from the site!