Nasscom to roll out more cyber security initiatives

As part of its initiatives to work with Indian law enforcement organisations towards creating more awareness on cyber crimes, Nasscom is in talks with Maharashtra Director of Prosecution to train 40 prosecutors every month.

The trade body is also planning to introduce more advanced training programmes covering cyber forensic tools and methodologies through its Cyber Labs.

Cyber Labs, set up and managed on a public-private partnership model, can register and investigate cyber crimes with the help of the police department and provides training to police officers, prosecutors, military police officers, bank officials and others on cyber crimes.

Nasscom has four cyber labs presently in the country which are located in Mumbai, Pune, Bangalore and Chandigarh. It is looking at four new locations including one each in the National Capital Region, Hyderabad, Chennai and Kolkata as the next destinations in the immediate future.

The labs have trained over 3,000 investigators at multiple locations. It is now proposing to earmark some of the training cycles for public prosecutors. Two programmes have already been held at the Bangalore Cyber Lab.

The upcoming Cyber Labs will have a full-time project manager from the police, two instructors and part-time volunteers from among the student community.

The training will include familiarisation on areas such as Internet, browsing, email and online transactions among others and education on what constitutes cyber crime.

Once trained, these law enforcement officials will be able carry out various activities like analysing and scrutinising data on hard disks, email tracking, extracting evidence using Internet and mobile phones and on cyber crime-related legislation.

Along with Cyber Labs, Nasscom is also working on the National Skills Registry (NSR) of IT and BPO employees, which was launched in January 2006.

"The National Skills Registry is a global first; it was created with an objective of improving recruitment practices in IT and BPO industry, which will in turn help in maintaining India's global competitive advantage. It is an employee-friendly measure to minimise any misuse of employee identity, where employers will be able to view the verified resume of the IT professional, if authorised by the professional," said Nandkumar Saravade, Director - Cyber Security and Compliance, Nasscom.

Presently, 40 companies have joined the NSR at the organisation level. Additionally, the body has received 1 lakh registrations of which 20 per cent are through individual registration. Nasscom is looking at recording an additional 5 lakh registrations by March 2008.

Formal procedures of registering Nasscom Self-Regulatory Organisation, called the Data Security Council of India (DSCI) as a not-for-profit company are underway.

The proposed DSCI will look to develop and popularise common minimum standards for privacy and security policies, offer certification, enforce a code of ethics and best practice, and punish any breaches by Indian IT and BPO companies which could include expelling members and/or reporting the matter to the government authoritiesaw enforcement.