How Compliant is your "IT" to Indian law?
Risks & Consequences

Vishal Bindra (CISA, ISO 27001 LA)
CEO
Vishal@acpl.com

ACPL – Securing Information Assets since 1990.             www.acpl.com
We all know the consequences of a murder crime for the killer?

Consequences of lapses in today's digital world are equally serious even if your organization's involvement is incidental and unintentional?
Lack of IT Governance Complicates Compliance with Costly Consequences!

Rising Breaches!
•   The rise in data breaches has fuelled the rise in awareness when it comes to the importance of proactively securing sensitive data.
•   Compliance breakdowns and governance failures across industry sectors are now among the most common – and unwelcome – headlines in the business press today.

Soaring Costs!
Companies are finding legal and regulatory compliance costs soaring while effectiveness declines, giving rise to huge fines, penalties, awards and settlements — often in the billions of dollars
Failure is not an option




Costly Governance Failures!

•   Despite these frequent reminders on the costly consequences of lax security & compliance risk management, there is still evidence that many organizations do not place sufficient executive attention on this issue.

Some Indian cases
•   Just Dial sued their competitor, AskMe.
•   Travelocity - Cleartrip, where TC has filed a complaint against CT for data theft
•   Bazee.com
•   DPS MMS Case
•   Arif Azim Case
•   Karan Bahree Case
•   Shekhar Verma Case
•   Cybersys Infotech Limited Case

Many Many More That Occur But Are Never Reported
Typical Executive Response is Denial

•   "We're fine, because we've never had a major data security or compliance problem."
•   "The kinds of problems our peers suffered couldn't happen here — we're better and smarter than that."
•   "We already have a code of conduct, whistleblower channel, and other elements of what's required for compliance."
•   "Our general counsel has responsibility for ensuring we're fully compliant with all laws and regulations, so we're covered."
Simple Breaches! Serious Consequences!

•   Pornographic or Obscene Emails/SMS/MMS
•   Sec. 67 IT Act 2000
•   1st Conviction
     –    imprisonment for a term which may extend to five years and with fine which may extend to Rs. One lakh
•   2nd Conviction
     –    imprisonment for a term which may extend to ten years and also with fine which may extend to Rs. Two lakh
Simple Breaches! Serious Consequences!

•   Software Source Code
    Sec. 65 IT Act 2000
•   Punishment
     –    imprisonment up to three years and / or
     –    fine up to Rs. 2 lakh

Identity Theft –
•   Punishment
     –    imprisonment up to three years and / or
     –    fine up to Rs. 1 lakh
Simple Breaches! Serious Consequences!

•   Hacking with Computer systems, Data alteration
    Sec. 66 IT Act 2000
•   Three Years Imprisonment and fine of Rs 5 lakhs per violation
•   Penalty for damages to computer & computer systems – Liable for compensation up to Rs. one crore!
Internal sources - the biggest risk for any legal entity using computers

Who in the company faces the consequence and liability of employee actions?
Consequences of Failure to Comply to Indian IT Act 2000, Sections of IPC, Cr.P.C

•   Must be borne by the Top Management Leadership
•   Exposure to civil and criminal consequences
•   Imprisonment from 3 years to life imprisonment
•   Civil liability to pay damages by compensation up to 5 crore rupees per contravention
•   Sweeping powers provided to police officer under Section 80 of IT Act, 2000 to enter any public place and search & arrest.
Good Governance is the key!

Proactive actions to adopt global best practices in security and compliance!

Focus on Technology alone is not enough.

Effective security must address people, process and technology and every security implementation does this. However, industry experience and studies show that security standards are implemented "in the letter and not in the spirit" - and some time back this was a concern expressed by President Obama's CIO too.

Decision makers and stakeholders must ensure that security is embedded into the organization DNA and that industry tools and solutions are adopted that will address risks and vulnerabilities at the fundamental or design level.
The Road Ahead

Not your best day in office!
Unable to defend your computer, protect sensitive data, and protect devices in your office

Have a better day… Contact ACPL

Rest Info-Assured!
At ACPL we have been helping corporates become Info Assured in a Digital World since 1990!
What ACPL Offer.

Solutions
•   Information Security
•   Information Availability
•   Wire & Wireless Networking
•   Data Centre Optimisation

Consulting
•   Standards (ISO 27001, PCI, BS25999)
•   Tech Processes & Policies
•   Vulnerability Management
•   Data Centric Risk Assessments

Training
•   Information Security
•   Product Specific
•   Advanced NW Troubleshooting
•   InfoSec Trained Manpower Outsourcing
Our Technology Partners

Corporates who TRUSTED us!
Thank You.

Vishal Bindra (CISA, ISO 27001 LA)
CEO
Vishal@acpl.com

New CIO Challenges

  • 1. How Compliant is your "IT" to Indian law? Risks & Consequences. Vishal Bindra (CISA, ISO 27001 LA), CEO, Vishal@acpl.com. ACPL – Securing Information Assets since 1990. www.acpl.com
  • 3. We all know the consequences of a murder crime for the killer? Consequences of lapses in today's digital world are equally serious, even if your organization's involvement is incidental and unintentional.
  • 4. Lack of IT Governance Complicates Compliance with Costly Consequences! • The rise in data breaches has fuelled the rise in awareness when it comes to the importance of proactively securing sensitive data. • Compliance breakdowns and governance failures across industry sectors are now among the most common – and unwelcome – headlines in the business press today. Rising Breaches! Soaring Costs! Companies are finding legal and regulatory compliance costs soaring while effectiveness declines, giving rise to huge fines, penalties, awards and settlements, often in the billions of dollars.
  • 5. Failure is not an option
  • 6. Costly Governance Failures! • Despite these frequent reminders on the costly consequences of lax security & compliance risk management, there is still evidence that many organizations do not place sufficient executive attention on this issue. Some Indian cases: • Just Dial, sued their competitor, AskMe • Travelocity - Cleartrip, where TC has filed a complaint against CT for data theft • Bazee.com • DPS MMS Case • Arif Azim Case • Karan Bahree Case • Shekhar Verma Case • Cybersys Infotech Limited Case. Many, Many More That Occur But Are Never Reported.
  • 7. Typical Executive Response is Denial • "We're fine, because we've never had a major data security or compliance problem." • "The kinds of problems our peers suffered couldn't happen here; we're better and smarter than that." • "We already have a code of conduct, whistleblower channel, and other elements of what's required for compliance." • "Our general counsel has responsibility for ensuring we're fully compliant with all laws and regulations, so we're covered."
  • 8. Simple Breaches! Serious Consequences! Pornographic or Obscene Emails/SMS/MMS • Sec. 67 IT Act 2000 • 1st Conviction – imprisonment for a term, which may extend to five years, and with fine, which may extend to Rs. One lakh • 2nd Conviction – imprisonment for a term, which may extend to ten years, and also with fine, which may extend to Rs. Two lakh
  • 9. Simple Breaches! Serious Consequences! Software Source Code, Sec. 65 IT Act 2000 • Punishment – imprisonment up to three years and/or fine up to Rs. 2 lakh. Identity Theft • Punishment – imprisonment up to three years and/or fine up to Rs. 1 lakh
  • 10. Simple Breaches! Serious Consequences! • Hacking with computer systems, data alteration, Sec. 66 IT Act 2000 • Three years imprisonment and fine of Rs 5 lakhs per violation • Penalty for damages to computer & computer systems – liable for compensation up to Rs. one crore!
  • 11. Internal sources: the biggest risk for any legal entity using computers. Who in the company faces the consequence and liability of employee actions?
  • 12. Consequences of Failure to Comply with Indian IT Act 2000, Sections of IPC, Cr.P.C • Must be borne by the Top Management Leadership • Exposure to civil and criminal consequences • Imprisonment from 3 years to life imprisonment • Civil liability to pay damages by compensation up to 5 crore rupees per contravention • Sweeping powers provided to police officer under Section 80 of IT Act, 2000 to enter any public place and search & arrest.
  • 13. Good Governance is the key! Focus on technology alone is not enough. Effective security must address people, process and technology, and every security implementation does this. However, industry experience and studies show that security standards are implemented "in the letter and not in the spirit", and some time back this was a concern expressed by President Obama's CIO too. Decision makers and stakeholders must ensure that security is embedded into the organization DNA and that industry tools and solutions are adopted that will address risks and vulnerabilities at the fundamental or design level. Proactive actions to adopt global best practices in security and compliance!
  • 14. The Road Ahead. Not your best day in office! Unable to defend your computer, protect sensitive data, and protect devices in your office? Have a better day… Contact ACPL. Rest Info-Assured!
  • 15. At ACPL we have been helping corporates become Info Assured in a Digital World since 1990!
  • 16. What ACPL Offers • Information Security • Information Availability Solutions • Wire & Wireless Networking • Data Centre Optimisation • Standards (ISO 27001, PCI, BS25999) • Tech Processes & Policies Consulting • Vulnerability Management • Data Centric Risk Assessments • Information Security • Product Specific Training • Advanced NW Troubleshooting • InfoSec Trained Manpower Outsourcing
  • 17. Our Technology Partners
  • 18. Corporates who TRUSTED us!
  • 19. Thank You. Vishal Bindra (CISA, ISO 27001 LA), CEO, Vishal@acpl.com