Best Practices Meet 2011

DSCI is happy to announce the third meet on Best Practices for Data Protection on the June 28, 2011 at Hotel Lalit Ashok, Bangalore. In the last workshop held in July 2010, latest developments and contemporary issues in security and privacy including data protection in the wake of global regulations, Industry specific security trends & practices, DSCI Frameworks (DSF & DPF) and pilot implementations amongst others were discussed.

Data protection is an ever evolving issue – the changes can be driven by different factors including technological advancements, regulations, dynamic threat landscape, business models amongst others. In India, regulatory landscape significantly changed with the notification of the IT (Amendment) Act, 2008 (ITAA 2008). The rules for section 43A have also been notified this year. These rules prescribe adherence to privacy principles such as collection limitation, disclosure of information, choice and consent amongst others. The rules also provide definition of ‘sensitive personal information’ along with providing clarifications on what constitutes ‘reasonable security practices’. It will be interesting to see how these rules impact the privacy and security practices of organizations operating in India.

The ITAA 2008 like other international data protection legislations will also have significant impact in the outsourcing relationships as majority of the enterprises are outsourcing some of their work, and they must manage information risk across a vast global network of Service Providers. IT / BPO Service Providers in India, on account of various regulations in client geographies, have been subjected to several ongoing assessments and onsite audits, which are labor intensive and costly for both the Service Providers and their Clients. Moreover, the multiple assessments are based on different frameworks, questionnaires and audit approaches – requiring significant effort and time; and, of course, higher costs. Can independent third-party evaluations that are standards-based, or framework-based, ease the assessment burden and bring in efficiencies and effectiveness?

Such third-party evaluations will become even more relevant as enterprises adopt Cloud Computing. In a survey conducted by DSCI in its last Best Practices meet, 95% of the respondents rated ‘data security & privacy’ as a ‘critical’ and ‘very important’ challenge in the adoption of Cloud Computing. This finding is in line with the concerns of the organizations worldwide. But since the economic benefits of adopting Cloud Computing are enormous, the challenge of security & privacy will get addressed appropriately in due course of time. What will become important though is how the user organizations that move to the Cloud are able to measure / assess the Cloud services from Service Providers on different parameters including maturity of provider’s security & privacy practices.

This year’s meet will focus the following aspects:

  • Rules notified under ITAA 2008
  • Privacy practices in different sectors and impact of evolving Privacy Law
  • DSCI Frameworks (DSF & DPF) evolution and adoption
  • Service Provider Assessment Framework (SPAF)
  • Security practices followed in specific disciplines of security – Threat & Vulnerability Management, Application Security and User Access & Privilege Management
  • Managing security as organizations transition to the Cloud
  • Metrics for measuring maturity in security practices

This conference will give an opportunity to interact with the leaders in security & privacy and understand the practices that are evolving to address specific challenges including deliberating different approaches that are being adopted while implementing technologies or establishing processes.

Share page with AddThis
Back To Event


  • Mr. Manoj Chugh

    MD-India & SAARC, EMC Corporation

  • Mr. Krishnakumar Natrajan

    CEO & MD, Mindtree

  • Mr. G.S. Hegde

    Principal Legal Advisor Incharge, RBI

  • Mr. Kartik Shahani

    Regional Director – India & SAARC, RSA

  • Mr. Nabankur Sen

    Vice President - IT & CISO, Axis Bank


Platinum Sponsors

Gold Sponsors

Silver Sponsor


Supporting Partner

Media Partner

Webcast Partner

Who Should Attend

  • CIOs / CTOs
  • Risk Management Professionals
  • Security and Privacy Professionals
  • Head of Information Technology /Security/Privacy
  • Security Vendors
  • Auditors and Consultants

Convenience Your Boss


Jun 28- 30, 2012 | Time: 10:15- 10:15 |
Hotel Lalit Ashok, Bangalore