On July 2, the government of India released the National Cyber Security Policy 2013. This policy extends to a spectrum of ICT users and providers, including home users, SMEs, large enterprises, and government and nongovernment entities. The policy aims to serve as an umbrella framework for defining and guiding the actions related to the security of cyberspace. The policy has been much delayed but has now been released amid reports of snooping by the US globally — and ever-increasing threats to India as a country.
The policy defines 14 diverse objectives that provide an overview of the government’s approach to the protection of cyberspace in the country. A few objectives that will have a positive impact on S&R professionals in India caught my attention:
The appointment of chief information security officer (CISO). Organizations may or may not have a designated person responsible for cybersecurity initiatives today. With the release of National Cyber Security Policy 2013, organizations will be mandated to appoint a person in a senior management role as CISO.
A strong security workforce. The government plans to create a strong workforce of 500,000 security professionals in the next five years through skill development and training programs. This will mean more opportunities to enhance skills and more job opportunities for S&R professionals.