Studies & Reports

    • Leading Industry Practices in Security and Privacy

      Organisations today need to be increasingly secure as the environment in which they operate is more and more complex and dynamic with attackers using innovative techniques such as emerging mobile and cloud platforms. Security response to this challenge must be equally innovative - a way that helps an organisation become nimble footed to respond quickly to real threats in its environment.

      Read More
    • DSCI-PwC Study Report: The Threat Within

      Data Security Council of India (DSCI) and PricewaterhouseCoopers (PwC) jointly conducted a study to understand the challenges and risks associated with insider threats. Security breaches and the compromise of sensitive information are very real concerns for any organization today. Studies have shown that though the likelihood of the attack from insiders may be very low as compared to external threats, the magnitude of the impact is at least ten times more than that of the total impact an external attacker can cause.

      Read More
    • Data Protection Practices of Indian IT-ITES Industry

      NASSCOM, and DSCI have conducted this survey on Data Protection practices of IT/ITES industry through KPMG. The survey was designed to elicit response from top management in the form of IT and/or Security leadership, and also from security operations of the company.

      Read More
    • DSCI-KPMG Survey 2010: State of Data Security and Privacy in Indian BPO Industry

      Businesses continue to drive IT operations, which in turn try to sustain existing systems, often at the cost of security. Customers, on the other hand, are demanding more security as their worries about cyber crimes, privacy and identity theft grow. In the networked world, business partners, suppliers, and vendors also demand assurance of essential and adequate security when they inter-operate to share information and business data for faster and cost-effective transactions. At the same time, regulatory and law-enforcement agencies require proof of compliance with a plethora of security regulations. Under these circumstances, there is no better way of understanding security preparedness of companies than through a survey. This is the third DSCI-KPMG Security Survey, conducted in association with CERT-In.

      Read More
    • Legal and Policy Issues in Cloud Computing -Discussion Paper based on DSCI-BSA Workshop

      A workshop to discuss policy and legal issues in the cloud was organized on July 16, 2013 by DSCI and BSA. The workshop was attended by the leading cloud service providers and senior DeitY representative. Key issues including jurisdictional challenges, lawful access to data, issues relating to cyber-crime investigations and capturing of cyber forensics among other issues were brainstormed. A discussion paper was created on the Legal and Policy Issues in Cloud Computing based on the discussion in the workshop.

      Read More
    • Report of the "Group of Experts on Privacy "constituted by Planning Commission of India

      Report of the Group of Experts on Privacy ”constituted by Planning Commission of India under the chairmanship of Justice AP Shah, Former Chief Justice, Delhi High Court) is released. The report covers international Privacy principles, national privacy principles, rationale and emerging issues along with the analysis of relevant Legislations/Bills from a privacy perspective. On the basis of deliberation and in depth analysis, the group has identified a set of recommendations which the government may like to consider while formulating the proposed framework for Privacy Act.

      Read More
    • DSCI-KPMG Survey 2010: State of Data Security and Privacy in the Indian Banking Industry

      Businesses continue to drive IT operations, which in turn try to sustain existing systems, often at the cost of security. Customers, on the other hand, are demanding more security as their worries about cyber crimes, privacy and identity theft grow. In the networked world, business partners, suppliers, and vendors also demand assurance of essential and adequate security when they inter-operate to share information and business data for faster and cost-effective transactions. At the same time, regulatory and law-enforcement agencies require proof of compliance with a plethora of security regulations.

      Read More
    • Consultation Paper on Legal Framework for Data Protection, Security and Privacy Norms

      DSCI believes that self-regulation by industry associations should be encouraged by any proposed privacy legislation, to ensure that technological advancements are taken advantage of, while bureaucratic structures do not hinder the growth of technology and its adoption in integrating the country in global digital economy.

      Read More