CYBER SURAKSHIT BHARAT

BACK GROUND

Digital India is a key initiative for the country. In light of the recent attacks, there is increased focus on cyber safety. Recognizing

the need to strengthen the cyber security ecosystem in India, and in alignment with the Honourable Prime Minister's vision for a

'Digital India', the Ministry of Electronics and Information Technology (MeitY), launched the Cyber Surakshit Bharat initiative in

association with National e-Governance Division (NeGD) and industry partners.

CYBER SURAKSHIT BHARAT DEEP DIVE TRAINING

The purpose of the program would be to spread awareness, build capacity as well as enable government departments on steps

that need to be taken to create a Cyber Resilient IT set up.

TARGET AUDIENCE

Officers from Central and State/UT Governments and subordinate agencies/PSUs, including public sector Banks and Insurance

companies, technical wings of police and security forces

1. Designated Chief Information Security Officers (CISOs),

2. CTOs and Member of Technical /PMU teams, Officers responsible to observe security of the IT systems in their respective

organizations

BATCH SIZE: 40-50 PARTICIPANTS

Chief Information Security Officers’ (CISO) Deep Dive Training

On

Cyber Security

Programme Coordinators

Dr. Charru Malhotra and Mr. Kamal Jain August (01-04), 2018

The objective of the programme is to educate & enable the Chief Information Security Ofcers (CISO) & broader IT community to address the challenges of cyber security. Create awareness on the emerging landscape of cyber threats Provide in-depth understanding on key activities, new initiatives, challenges and related solutions Applicable frameworks, guidelines & policies Applicable frameworks, guidelines & policies related to the subject Share best practices to learn from success & failures Provide key inputs to take informed decision on Cyber Security related issues in their respective functional area

The 4 days residential regional training programme will be conducted in 5-6 major cities across country. The following areas would also be covered in detail, from the practitioner perspective, by experts from Government and leading Industries in the area.

PROGRAMME OBJECTIVE

COURSE OVERVIEW

LOGISTICS

NOMINATION PROCESS

REGION WISE BATCHES LOCATION

02

03

01

01

New Delhi

BengaluruChennaiHyderabad

Mumbai

Kolkata

12 June - 15 June,1801 Aug - 04 Aug,18

27 June - 30 June,1826 Sept - 29 Sept, 1810 Oct - 13 Oct, 18

18 July - 21 July, 18

05 Sep - 08 Sep,18East - Assam, West Bengal, Jharkhand, Bihar, Sikkim, Tripura, Nagaland, Mizoram, Arunachal, Manipur, Meghalaya

North- J& K, Chandigarh, Haryana, UP, UK, Punjab, Delhi, Himachal

South - Andhra Pradesh, Telangana, Karnataka, Tamil Nadu, Puducherry, Lashadweep, Andaman Nicobar,Kerala, Odisha

West- Maharashtra, Chattisgarh, MP, Goa, Gujarat, Rajasthan, Daman & Diu & DNH

FOUNDING PARTNERS

KNOWLEDGE PARTNERS

Programme Schedule Chief Information Security Officers’ Deep Dive CyberSecurityTraining

under

Cyber Surakshit Bharat Initiative Programme

Coordinators: Dr. Charru Malhotra and Mr. Kamal Jain

August 01-04, 2018

Conference Hall , First Floor, Indian Institute of Public Administration (IIPA), I. P. Estate, Outer Ring

Road, New Delhi-110002

Day -1: Wednesday, August 01, 2018

Timings Topic Faculty/Guest

09:00hrs –09:45hrs

Registration Ms. Rashmi, Ms. Shilpa (IIPA Digital India Training Team)

09:45hrs – 10:15hrs Inaugural session

About IIPA Prof. V. K. Sharma (Sr. Professor, IIPA) About the Programme

Shri. Rakesh Maheshwari (Group coordinator, MeitY) Inaugural Address Dr. Gulshan Rai (National Cyber Security Coordinator, PMO) Vote of Thanks Dr. Charru Malhotra (Programme Coordinator , IIPA) 10:15-10:30

Group photo and tea break

10:30-13:00

Session 2 Governance Risk and Compliance Incident Response Mechanism-IRM

Mr. Navin Kaul (Senior Manager , Ernst &Young)

Mr. Vidur Gupta (Partner - Advisory Services, EY)

13:00 hrs - 14:00 hrs Lunch Break

14:00 hrs -15:30 hrs

Session 3 Network Security

Mr. Dhiraj Gaur (Security Consultant, Palo Alto Networks Pvt Ltd)

15:30 hrs - 15:45 hrs Tea Break

Ministry of Electronics and Information

Technology

15:45 hrs -17:00 hrs

Session 3 Contd. Network Security (Contd.)

Mr. Dhiraj Gaur (Security Consultant, Palo Alto Networks Pvt Ltd)

17:00 hrs - 17:30 hrs

Briefing on Individual and Group assignments – 6 Groups by Programme Coordinator

Day -2: Thursday, August 02, 2018

09:30 hrs - 10:15 hrs

Session 4 Mobile security (Mobile as an end-point device, framework for secure mobile applications)

Dr. Rahul Johari (Head, Software Development Cell, Guru Gobind Singh Indraprastha University)

10:15 hrs - 10:30rs Tea Break

10:30 hrs - 12:30 hrs

Session 4 Contd. End Point Security

Mr. Iftekhar Hussain (Microsoft India)

12:30 hrs - 13:00 hrs

Session 5 Cyber Forensic

Dr. Gaurav Gupta (Ministry of Electronics and Information Technology)

13:00 hrs - 14:00 hrs Lunch Break

14:00 hrs - 15:30 hrs

Session 6 Application and Data Security

Mr. Amarpreet Singh (Security Delivery Leader- Data & Application Security, IBM

15:30 hrs – 15:45 hrs Tea Break

15:45 hrs – 17:00 hrs

Session 6 Contd. Application and Data Security

Ms. Neeti Vohra (Joint Director, Corporate R & D, CDAC, Pune)

Day-3 : Friday, August 03, 2018

09:30 hrs 10:45 hrs

Session 7 Experience sharing on Cyber Security management in Government

Ms. Shubhagta Kumar ADG (SI), CBEC

10:45 hrs - 11:00 hrs

Tea Break

11:00 hrs 12:00 hrs

Session 8 Cloud Security

Mr. Dhiraj Gaur (Security Consultant, Palo Alto Networks Pvt Ltd)

12:00 hrs -13:00 hrs

Session 9 Emerging Trends and Challenges

Cyber Security – A Holistic National Perspective

Dr.Charru Malhotra (Programme Coordinator , Indian Institute of Public Administration)

13:00 hrs - 14:00 hrs Lunch Break

14:00 hrs - 15:45 hrs

Session 10 Operation and Monitoring of Cyber Security Compliance at National level & in organizations

Mr. Hemant Mehrotra (Security Delivery Leader –North, IBM)

15:45 hrs - 16:00 hrs Tea Break

16:00 hrs - 17:30 hrs

Session 11 Overview of IT Act and its amendments

Mr. Pavan Duggal (Sr.Cyber Law Expert, President CyberLaw.Net)

Day-4 : Saturday, August 04, 2018

09:00hrs -09:30 hrs

Cyber Crisis Management Plan (CCMP) Dr.Charru Malhotra (Programme Coordinator , Indian Institute of Public Administration)

09:30hrs – 12:30hrs

Session 12 Group Presentations by Participants

Jury of Panel Experts

Mr. Dipak Singh (Sr. Director, MeitY)

Mr. I.P.S Sethi (Deputy Director General, NIC) Wg. Cmdr (Dr.) Prabir Panda (IAF-Retd.)

(ECI-Enterprise Architecture Security & Head of Technical Support Unit)

Mr. Amolak Singh (Director IT Security, Infologic Solution)

Dr. Charru Malhotra and Mr. Kamal Jain (Programme Coordinators )

12:30 hrs – 13:30 hrs Valedictory Session

Overview of the Training Conducted Dr. Charru Malhotra (Programme Coordinator ) Mr. Dipak Singh (Sr. Director, MeitY) Need for such Trainings and Role of IIPA by Guests-of-Honor Prof. V. K. Sharma (Sr. Professor, IIPA)

Valedictory address by Chief Guest Mr. M. Srinivas Rao, IAS (President & CEO, NeGD, MeitY) Vote of Thanks Mr. Kamal Jain (Programme Coordinator & Sr General Manager, NeGD, MeitY)

13:30 hrs : Lunch

Assignment Instructions

1. Group Assignment

a. Nos of Groups - 5-6

b. Group Size - 5-8

c. To be made on the first day and announce during the last session of day one by the

course coordinator (IIPA in the first programme)

d. Member Mix- As per assignment

e. Submission - Presentation in prescribed format - 20 mnts followed by 10 mnts for

Q&A on day 4- preferably each member has to contribute during

presentation/Q&A

f. First two groups to be given some award- Cross ranking by participants and the

panel (MeitY, CDAC/CERTIN, NeGD and Industry)

g. Possible Assignments - Group to consider itself as an organization distributed to

Head Office and Regional /Divisional Offices in various locations, have over 600

regular and 200 outsources employees. The organization have IT applications for

key functions like Finance, HR and some key business function

(citizen/Business/G2G service - to be assumed by the group) and come up with

1. A Network Security policy of the organization.

2. Security Related Monitoring Mechanism, Accountability related clauses

and SLAs in IT related outsourcing arrangements.

3. Definition and Identification of Critical Information Infrastructure in the

organization

4. Institutional Structure and Incident response Mechanism in your

organization to handle Cyber Security related incidence citing an

actual/imaginary scenario

5. End Point Security Policy

6. Log Management and Review Policy/ Data Classification and Back Up

Management policy

2. Individual Assignments (Name and Dept not required, This will be kept confidential)

Announcement to made on day one

a. To be done by each individual

b. To be submitted on day 4, in Digital form to be mailed to Mr Dipak Singh

and

Mr. Kamal Jain and Dr. Charru Malhotra(word or pdf)

c. Assignment

List Critical IT assets and applications in your organization

Briefly describe O&M model of major asset category in your organization

Who is responsible for security (both physical and Digital) of that asset

Existing security related policies, if any, in your organizations

Gap in existing Cyber Security arrangements that you have identified durin

training

Action plan for next 3 months to address these gaps

Chief Information Security Officers’ (CISO) Deep Dive Training

On

Cyber Security

under

Cyber Surakshit Bharat initiative (August 01-04, 2018)

Visiting Experts

Dr. Gulshan Rai

National Cyber Security Coordinator, PMO, India

Phone (O) – 23747965, 24368572

Email: grai@mit.gov.in

Shri M. Srinivas Rao, IAS

President & CEO, NeGD, MeitY

Phone(O)- 30481637

Email: ceo@digitalindia.gov.in

Shri. Rakesh Maheshwari

Group Co-ordinator, Cyber Law & e-Security

MeitY, India

Phone (O) – 24361244

Email: rakesh@meity.gov.in

Name Designation with Organization

Mr. Navin Kaul Senior Manager Ernst & Young LLP

Mr. Vidur Gupta Partner-Advisory Services, Ernst & Young

Mr. Dhiraj Gaur Security Consultant

Palo Alto Networks (India) Pvt.

Mr. Iftekhar Hussain Technology Solutions Professional - Cyber Threat Management Microsoft Corporation ( India )

Dr. Rahul Johari Assistant Professor Computer Sciences Department Guru Gobind Singh Indraprastha Uni

versity

Dr. Gaurav Gupta Scientist D, Ministry of Electronics and Information Technology

(MeitY)

Mr. Amarpreet Singh Security Delivery Leader - DAS Data & Application Security

Ms. Neeti Vohra Joint Director, Corporate R & D CDAC, Pune

Ms. Shubhagta Kumar ADG (SI) The office of Directorate General of Systems & Data Management

Central Board of Excise and Customs (CBEC)

Mr. Hemant Mehrotra Security Delivery Leader- North, IBM

Mr. Pavan Duggal Mr. Pavan Duggal Sr. Cyber Advocate

Mr. Dipak Singh Sr. Director, MeitY

Mr. Ashutosh Chadha Group Director, Government Affairs & Public Policy

Microsoft India

Dr. Prabir Panda Dr. Prabir Panda Wing Cmdr

Indian Air Force (IAF-Retd.)

Prof. Arvinder Kaur Dean, university’s School of information Communication &

Technology (USICT)

Mr. Rakshit Tandon Consultant – IAMAI ( Internet & Mobile Association of India)

Advisor – Cyber Complaint Redressal

Ministry Officials and Core Project Team at IIPA

MeitY Officials Name Designation Contact no. Email id

Mr. Ajay Prakash Sawhney, IAS Secretary

24364041 secretary@meity.gov.in

Mr. Pankaj Kumar, IAS Additional Secretary 24360160 pankajkumar@nic.in

Mr. Vinay Thakur Director, Project Development

30481618

24301933

vinay@nic.in

Mr. Dipak Singh Sr. Director, MeitY 24301305 dipak.singh@meity.gov.in

Mr. Kamal Kr. Jain Programme Director

SGM CB, NeGD

9958967194 kamal.jain@digitalindia.gov.in

Mr. Vinay Singh Consultant, NeGD 8800440771 vinay.singh@digitalindia.gov.in

IIPA Team

Name Designation Contact no. Email id

Dr. Tishyarakshit Chatterjee, IAS (Retd.)

Director, IIPA 9717778418 titichatterjee@gmail.com

Mr. Amitabh Ranjan Registrar, IIPA 9868164013 ranjanamitabh@ymail.com

Dr. Charru Malhotra

Programme Coordinator

Asso. Professor (e- Governance & ICT)

9818529298

23468393

charrumalhotra@gmail.com, charrumalhotra.iipa@gov.in

Prof. V.K.Sharma Sr. Professor 9818961977 profvinod@gmail.com

Ms. Rashmi Anand Sr. Research Officer 8800602134

rashmi.iipa@gmail.com, anandrashmi2110@gmail.com

Ms. Shilpa Yadav Research Officer 7701921513 shilpayadav.iipa@gmail.com

Ms. Surabhi Dalal Research Officer 9990172030 iipasurabhi@gmail.com

Ms. Nishtha Agarwal Research Officer 9868225928 nagarwal.iipa@gmail.com

Mr. Naveen Chand Training Cell 8750816357 chandnaveen1990@gmail.com

TRAINING BRIEF

Chief Information Security Officers’ –CISOs’ Deep Dive Training on Cyber Security

under Cyber Security Bharat Initiative (August 1-4, 2018)

Indian Institute of Public Administration had collaborated with Ministry of Electronics and

Information Technology (MeitY) and National e-Governance Division (NeGD) to design and

conduct the Chief Information Security Officers’ (CISO) Deep Dive Training Program from

August 1-4, 2018. This four day technical training on cyber security focused on several

objectives including:

1. Creating awareness on the emerging landscape of cyber threats

2. Provide in-depth understanding on key activities, new initiatives, challenges and related

solutions

3. Applicable frameworks, guidelines and policies related to cyber security

4. Share best practices and learn from successes and failures

5. Provide key inputs to take informed decisions on cyber security related issues in their

respective functional areas

Forty two participants had attended the training program. These were primarily Chief Security

Officers (CSOs), Chief Technical Officers (CTOs)- the officers responsible to observe security

of the IT systems in central and state ministries/departments and subordinate agencies, including

PSU banks, insurance companies, and technical wings of police and security forces, Joint

Secretaries and former APPPA (Advanced Professional Program in Public Administration)

participants.

Dr. Gulshan Rai ((National Cyber Security Coordinator, Prime Minister’s Office, Govt. of

India), who had been gracious enough to the Chief Guest of the Inaugural function, prodded the

CISOs in possessing a compound set of expertise ranging from technical, managerial,

responsible for risk assessment. Sh. Rakesh Maheshwari (Group Coordinator, Cyber Law,

Cyber-Security, Cert-in, MeitY) reminded that all organisations, therefore must chalk out a

Cyber Crisis Management Plan (CCMP). Considering the importance of CCMP, this session was

undertaken by Dr. Charru Malhotra wherein she discussed CCMP in great detail.

Over the course of four days, the CISOs were trained by industry practitioners drawn from E&Y,

IBM, Microsoft, Paloalto Networks, Dell EMC as well as senior experts from both Cert-in and

IIPA. Routine online quizzes were conducted to gauge the intermittent knowledge captured by

the participants using online platform by the industry experts and IIPA and awards were given to

the participants.

At the fourth day, the participants delivered group presentations on the following topics

1. Network Security Policy of the organization

2. Security Related Monitoring Mechanism, Accountability related clauses and SLAs in IT

related outsourcing arrangements

3. Definition and identification of Critical Information Infrastructure in the organization

4. Institutional Structure and Incident response Mechanism in your organization to handle

Cyber Security related incidence citing an actual/imaginary scenario

5. End Point Security Policy

6. Log Management and Review Policy/ Data Classification and Back Up Management

policy

These presentations were judged by eminent jury from industry (Mr. Amolak Singh, Director IT

solutions, Infologic Solutions), government (Mr. I.P.S. Sethi, Deputy Director Genral, NIC, Mr.

Dipak Singh), renowned practitioner (Wg. Cmdr.(Dr.) Prabir Panda (IAF, Retd), Enterprise

Architect- Security and Head of Technical Support Unit-Election Commission of India).

In the valedictory session, Shri M. Srinivas Rao, IAS (President and CEO, National e-

Governance Division) in his address expressed his anticipation that the program shall garner

huge demand for which he suggested using e-learning tools to actually reach out to a larger

audience.

Overall, the dignitaries, industry, and participants all hailed this endeavor by IIPA as a unique

PPP capacity building effort that would surely empower government departments to be more

cyber resilient.

This highly intense skill based cyber security training was designed, and coordinated by Dr.

Charru Malhotra (Associate Professor – e-Governance and ICT), Indian Institute of Public

Administration.

Some Glimpses of CISO Deep Dive Training Program

August 1-4, 2018

Pic 1: In their good books- Positive feedback from the participants about the CISO Deep Dive Training

Program August 1-4, 2018

Pic 2: Group photograph of the inaugural session- Dr. Gulshan Rai (National Cyber Security Coordinator, PMO), in

the center. Towards his left is Dr. Charru Malhotra (Associate Professor, IIPA). Towards his right is Prof. V.K.

Sharma (Sr. Professor, IIPA), Mr. Rakesh Maheshwari (Group Coordinator, MeitY),Mr. Dipak Singh (Sr. Director,

MeitY), Mr. Kamal Jain (Sr. General Manager, NeGD).

Pic 3:Dr. Gulshan Rai (National Cyber Security Coordinator, PMO) addressing the CISOs at the inaugural

ceremony August 1, 2018

Pic 4: Dr. Gulshan Rai (National Cyber Security Coordinator, PMO) with Professor V.K.Sharma (Senior Professor at IIPA) along

with Dr. Charru Malhotra (Associate Professsor, IIPA and Program coordinator)

Pic 5: CISOs attending the Deep Dive Training at the inaugural ceremony Aug 1, 2018

Pic 6: CISOs working in their groups for assessments during the training program

Pic 7: Sh. M.Srinivas Rao, IAS (President and CEO, NeGD, MeitY) addressing the CISOs at the valedictory session

August 4, 2018

Pic 8: Prof. V.K. Sharma (Senior Professor at IIPA) awarding token of gratitude to the chief guest Sh. M. Srinivas Rao, IAS

(President and CEO, NeGD, MeitY at the valedictory session

Pic 9: Participants presenting their group presentation at the final day of the training program August 4, 2018

Pic 10: Sh. M. Srinivas Rao awarding certificates to participants at the valedictory session of CISO Deep Dive

Training

CYBER SURAKSHITBHARAT

Digital India is a key initiative for the country. In light of the recent attacks, there is increased focus on cyber safety. Recognizing the need to strengthen the cyber security ecosystem in India, and in alignment with the Honourable Prime Minister's vision for a 'Digital India', the Ministry of Electronics and Information Technology (MeitY), launched the Cyber Surakshit Bharat initiative in association with National e-Governance Division (NeGD) and industry partners.

The purpose of the program would be to spread awareness, build capacity as well as enable government departments on steps that need to be taken to create a Cyber Resilient IT set up.

Ofcers from Central and State Ministries/Departments and subordinate agencies, including PSU Banks and Insurance companies, technical wings of police and security forces

1. Designated Chief Information Security Ofcers (CISOs),

2. CTOs and Member of Technical /PMU teams, Ofcers responsible to observe security of the IT systems in their respective organizations

CYBER SURAKSHIT BHARAT DEEP DIVE TRAINING

TARGET AUDIENCES

BATCH SIZE - MAXIMUM 50 PARTICIPANTS

BACK GROUND

The objective of the programme is to educate & enable the Chief Information Security Ofcers (CISO) & broader IT community to address the challenges of cyber security. Create awareness on the emerging landscape of cyber threats Provide in-depth understanding on key activities, new initiatives, challenges and related solutions Applicable frameworks, guidelines & policies Applicable frameworks, guidelines & policies related to the subject Share best practices to learn from success & failures Provide key inputs to take informed decision on Cyber Security related issues in their respective functional area

The 4 days residential regional training programme will be conducted in 5-6 major cities across country. The following areas would also be covered in detail, from the practitioner perspective, by experts from Government and leading Industries in the area.

PROGRAMME OBJECTIVE

COURSE OVERVIEW

LOGISTICS

NOMINATION PROCESS

REGION WISE BATCHES LOCATION

02

03

01

01

New Delhi

BengaluruChennaiHyderabad

Mumbai

Kolkata

12 June - 15 June,1801 Aug - 04 Aug,18

27 June - 30 June,1826 Sept - 29 Sept, 1810 Oct - 13 Oct, 18

18 July - 21 July, 18

05 Sep - 08 Sep,18East - Assam, West Bengal, Jharkhand, Bihar, Sikkim, Tripura, Nagaland, Mizoram, Arunachal, Manipur, Meghalaya

North- J& K, Chandigarh, Haryana, UP, UK, Punjab, Delhi, Himachal

South - Andhra Pradesh, Telangana, Karnataka, Tamil Nadu, Puducherry, Lashadweep, Andaman Nicobar,Kerala, Odisha

West- Maharashtra, Chattisgarh, MP, Goa, Gujarat, Rajasthan, Daman & Diu & DNH

Detailed Programme Schedule

for

Chief Information Security Officers’ Deep Dive Training

under Cyber Surakshit Bharat initiative

Programme Coordinators

Dr. Charru Malhotra and Mr. Kamal Jain

June 12-15, 2018

Conference Hall , First Floor, Indian Institute of Public Administration (IIPA), I. P. Estate, Outer Ring Road,

New Delhi-110002

Day -1: Tuesday, June 12, 2018

Timings Topic Faculty/Guest

0900hrs –

0930hrs

Registration Rashmi, Surabhi , Nishtha, Hemant

(IIPA Digital India Training Team)

0930hrs – 0945hrs

Session 1 Ice Breaking

Dr.Charru Malhotra and Mr.Kamal Jain (Programme Coordinators)

0945hrs – 1030hrs

Inaugural session

Introduction to the Programme

Dr. Charru Malhotra (Programme Coordinator , Indian Institute of Public Administration)

About Cyber Surakshit Bharat and its Objectives

Mr. Rakesh Maheshwari (Group Coordinator, Ministry of Electronics and Information Technology-MeitY)

Welcome Address

Dr. T. Chatterjee, IAS (Retd.) (Director, Indian Institute of Public Administration)

Keynote Address by Chief Guest

Dr. Gulshan Rai (National Cyber Security Coordinator-PMO, India )

Vote of Thanks Mr. Dipak Singh (Sr Director, MeitY)

1030hrs- 1045hrs

Group photo and tea break

1045hrs –

1300hrs

Session 2

Governance Risk and Compliance

Mr. Navin Kaul (Senior Manager , Ernst &Young)

Mr. Vidur Gupta (Partner - Advisory Services, EY)

1300hrs- 1400hrs

Lunch Break

1400hrs–

1530hrs

Session 3

Network Security

Mr. Dhiraj Gaur (Security Consultant, Palo Alto Networks Pvt Ltd)

1530hrs- 1545hrs

Tea Break

1545hrs-

1700hrs

Session 3 Contd.

Network Security (Contd.)

Mr. Dhiraj Gaur (Security Consultant, Palo Alto Networks Pvt Ltd)

1700hrs-

1730hrs

Briefing on Group Work and Individual

Assignments Dr.Charru Malhotra & Mr. Kamal Jain (Programme Coordinators)

Day -2: Wednesday, June 13, 2018

0930hrs –

1130hrs

Session 4

End Point Security

Mr. Sanesh Vig (Technical Solution Professional, Microsoft India)

1130hrs- 1145hrs

Tea Break

1145hrs-

1230hrs

Session 4 Contd.

End Point Security (Contd.)

Mr. Sanesh Vig (Technical Solution Professional, Microsoft India)

1230hrs-

1300hrs

Session 5

Internet Separation

Mr. Ravinder Singh (Director - Cyber security, Dell EMC)

Mr. Anup Tiwari

(Sr. Technology Consultant, VMware Software India

Pvt Ltd)

1300hrs- 1400hrs

Lunch Break

1400hrs –

1530hrs

Session 6

Application and Data Security

Mr. Amarpreet Singh (Security Delivery Leader- Data & Application

Security, IBM)

Ms.Neeti Vohra

(Joint Director, Corporate R & D, CDAC, Pune)

1530hrs – 1545hrs

Tea Break

1545hrs –

1700 hrs

Session 6 Contd.

Application and Data Security

(Contd.)

Mr. Amarpreet Singh (Security Delivery Leader- Data & Application

Security, IBM)

Ms.Neeti Vohra

(Joint Director, Corporate R & D, CDAC, Pune)

Day-3 : Thursday, June 14, 2018

0930hrs –

1130hrs

Session 7

Cloud Security & Emerging

Technologies

Mr. Dhiraj Gaur (Security Consultant, Palo Alto Networks Pvt Ltd)

1130hrs- 1200hrs

Tea Break

1200hrs -

1300hrs

Session 8

Cyber Crisis Management Plan

(CCMP)

Ms.Savita Utreja (Scientist 'G' / Senior Director, Indian Computer

Emergency Response Team(CERT-In)

1300hrs- 1400hrs

Lunch Break

1400hrs –

1600hrs

Session 9

Operation/Monitoring- Related Cyber

Security Issues

Dr.Charru Malhotra (Associate Professor – e-Governance & ICT)

Mr. Amarpreet Singh

(Security Delivery Leader- Data & Application

Security, IBM)

1600hrs – 1615hrs

Tea Break

1630hrs-

1730hrs

Session 10

Overview of IT Act & Amendments

Mr. Pavan Duggal (Sr. Cyber Advocate, President of Cyberlaws.Net)

Day-4 : Friday, June 15, 2018

0900hrs –

1230hrs

Session 11

Group Presentations by Participants

Panel Experts

Mr. Dipak Singh, (Sr Director, MeitY)

Mr. Kamal Jain

(Programme Coordinator & SGM CB, NeGD)

Dr.Charru Malhotra

(Programme Coordinator , IIPA)

Mr. Ashutosh Chadha

(Group Director, Government Affairs & Public

Policy Microsoft India)

1230hrs – 1330hrs

Valedictory Session

Programme Highlights:

Dr. Charru Malhotra (Programme Coordinator , Indian Institute of Public Administration)

Ministry’s Vision:

Mr. Vinay Thakur (Director, CB, NeGD)

Way forward:

Mr. Dipak Singh (Sr Director, MeitY)

Concluding Remarks:

Prof. V.K.Sharma (Professor, Indian Institute of Public Administration)

Valedictory Address by the Chair

Shri Pankaj Kumar, IAS (Additional Secretary, Ministry of Electronics and Information Technology)

Vote of Thanks:

Mr. Kamal Jain (Programme Coordinator, SGM CB, NeGD)

Assignment instructions Validation plan for Day 4(open to enhancement)

1. Group Assignment a. Nos of Groups - 5-6 b. Group Size - 5-8 c. To be made on the first day and announce during the last session of day one by the course coordinator (IIPA in the first programme) d. Member Mix- As per assignment e. Submission - Presentation in prescribed format - 20 mnts followed by 10 mnts for Q&A on day 4- preferably each member has to contribute during presentation/Q&A f. First two groups to be given some award- Cross ranking by participants and the panel (MeitY, CDAC/CERTIN, NeGD and Industry) g. Possible Assignments - Group to consider itself as an organization distributed to Head Office and Regional /Divisional Offices in various locations, have over 600 regular and 200 outsources employees. The organization have IT applications for key functions like Finance, HR and some key business function (citizen/Business/G2G service - to be assumed by the group) and come up with

1. A Network Security policy of the organization. 2. Security Related Monitoring Mechanism, Accountability related clauses and SLAs in IT related outsourcing arrangements. 3. Definition and Identification of Critical Information Infrastructure in the organization 4. Institutional Structure and Incident response Mechanism in your organization to handle Cyber Security related incidence citing an actual/imaginary scenario 5. End Point Security Policy 6. Log Management and Review Policy/ Data Classification and Back Up Management policy

2. Individual Assignments (Name and Dept not required, This will be kept confidential) Announcement to made on day one

a. To be done by each individual b. To be submitted on day 4, in Digital form to be mailed to Mr Dipak Singh and Mr. Kamal Jain and Dr. Charru Malhotra(word or pdf) c. Assignment

List Critical IT assets and applications in your organization

Briefly describe O&M model of major asset category in your organization

Who is responsible for security (both physical and Digital) of that asset

Existing security related policies, if any, in your organizations

Gap in existing Cyber Security arrangements that you have identified during training

Action plan for next 3 months to address these gaps

Chief Information Security Officers’ Deep Dive Training

under

Cyber Surakshit Bharat initiative

June 12-15, 2018

Conference Hall , First Floor, Indian Institute of Public Administration

(IIPA), I. P. Estate, Outer Ring Road,

New Delhi-110002

Mr. Gulshan rai

National Cyber Security Coordinator, PMO, India

Phone (O) – 23747965, 24368572

Email: grai@mit.gov.in

Mr. Ajay Prakash Sawhney

Secretary, MeitY, India Phone (O) – 24364041

Email: secretary@meity.gov.in

S.No. Name Designation with organisation

1. Mr. Dhiraj Gaur Security Consultant

Palo Alto Networks (India) Pvt. Ltd.4.47 Worldmark 2, Aerocity,

Delhi 110 037

2. Mr. Navin Kaul Senior Manager Ernst & Young LLP

6th Floor, WorldMark 1, Aerocity,

3. Mr. Amarpreet Singh Security Delivery Leader - DAS (Data & Application

Security) IBM A-26, Sector 62 Noida - 201301

4. Mr. Sanesh Vig Technical Solution Professional Microsoft India

5. Ms Neeti Vohra Joint Director, Corporate R & D CDAC, Pune

6. Ms Savita Utreja Scientist ‘G’/Senior Director CERT-In

Electronics Niketan

6 CGO Complex New Delhi – 110003

7. Mr. Vidur Gupta Partner-Advisory Services, Ernst & Young

8. Anup Tiwari Sr. Technology Consultant, VMware Software India Pvt Ltd

9. Dr. T. Chatterjee Director, Indian Institute of Public Administration

10. Prof. V.K.Sharma , Indian Institute of Public Administration

11. Dr. Charru

Malhotra

Associate Professor (e-Gov & ICT)Indian Institute of Public Administration

12. Mr Ashutosh Chadha Group Director, Government

Affairs & Public Policy Microsoft India

13. Ms Aditee Rele Microsoft India

14. Mr Ravi Vijayvargiya Senior Technical Director NIC

15. Mr Ajay Lakra Additional Director CERT-In

Electronics Niketan, 6 CGO Complex

New Delhi 110003

16. Mr Arvind Kumar Scientist ‘G’ & GC MeitY

17. Mr Vinod Kumar

Chauhan

Scientist ‘C’ MeitY

Ministry Officials and Core Project Team at IIPA

MeitY Officials Name Designation Contact no.

(011) Email id

Mr. Ajay Prakash Sawhney

Secretary

24364041 secretary@meity.gov.in Mr. Sanjay Goel Joint

Secretary 24363114 js.sgoel@meity.gov.in

Mr. Vinay Thakur Director, Project Development

30481618

24301933

vinay@nic.in

Mr. Dipak Singh Sr Director, MeitY 24301305 dipak.singh@meity.gov.in

Mr. Kamal Kr. Jain SGM CB, NeGD

9958967194 kamal.jain@digitalindia.gov.in

Mr. Vinay Singh Consultant, NeGD 8800440771 vinay.singh@digitalindia.gov.in

IIPA Team

Name Designation Contact no. Email id

Dr. Tishyarakshit Chatterjee, IAS

Director, IIPA 9717778418 titichatterjee@gmail.com

Mr. Amitabh Ranjan Registrar, IIPA 9868164013 ranjanamitabh@ymail.com

Dr. Charru Malhotra

Project Coordinator

Associate Professor (e- Governance & ICT)

9818529298

23468393

charrumalhotra@gmail.com

Ms. Rashmi Anand Sr. Research Officer 8800602134, 9868534834

rashmi.iipa@gmail.com, anandrashmi2110@gmail.com

Ms. Shilpa Yadav Research Officer 7701921513 Shilpayadav.iipa@gmail.com

Ms. Surabhi Dalal Research Officer 9990172030 iipasurabhi@gmail.com

Ms. Nishtha Agarwal Research Officer 9868225926 nagarwal.iipa@gmail.com

Mr. Hemant Chandra Training Cell 9971671766 hemantchandra786@gmail.com

FOUNDING PARTNERS

KNOWLEDGE PARTNERS

1 | P a g e

TRAINING BRIEF

Chief Information Security Officers’ –CISOs’ First Deep Dive Training on CyberSecurity under CyberSecurity

Bharat Initiative ( June 12-15, 2018)

Ministry of Electronics and Information Technology (MeitY) and National e-Governance Division

(NeGD) had collaborated with IIPA to design and conduct the CISOs’ First Deep Dive Training

Program (June12-15, 2018). This four-daytechnical training on cybersecurity had focusedon

several objectives including :-

1. Creating awareness on the emerging landscape of cyber threats

2. Provide in-depth understanding on key activities, new initiatives, challenges and related

solutions

3. Applicable frameworks, guidelines and policies related to cyber security

4. Share best practices and learn from successes and failures

5. Provide key inputs to take informed decision on cyber security related issues in their

respective functional areas

Thirty participants had attended the training - who were primarily chief security officers, chief

technical officers – the officers responsible to observe security of the IT systems in central and

state ministries/departments and subordinate agencies, including PSU banks, insurance companies,

and technical wings of police and security forces. In the welcome address at the Inaugural function,

Director-IIPA prophesized that diplomacy and military conflicts would no longer be confined to

border and that cybesecurity would now form a significant part of all of these. In similar vein, Dr.

Gulshan Rai (National Cyber Security Coordinator, Prime Minister’s Office, Govt of India), who

had been gracious enough to the Chief Guest of the Inaugural function, prodded the CISOs to

possess a compound set of expertise ranging from technical, managerial, responsible for risk

assessment. Sh. Rakesh Maheshwari (Group Coordinator, CyberLaw, Cyber-Security, Cert-in,

MeitY) reminded that all organisations, therefore must chalk out a cyber crisis management plan

(CCMP). Over these four days, the CISOs were trained by industry practioners drawn from E&Y,

IBM, Microsoft, Paloalto Networks, Dell EMC as well as senior experts from both Cert-in and

IIPA. Routine online quizzes were conducted to gauge the intermittent knowledge captured by the

participants using online platform by the industry experts and IIPA and awards were given to the

participant.

At the fourth day, the participants delivered group presentations on topics such as

1. Network Security Policy of the organization

2. Security Related Monitoring Mechanism, Accountability related clauses and SLAs in IT

related outsourcing arrangements

3. Definition and Identification of Critical Information Infrastructure in the organization

4. Institutional Structure and Incident response Mechanism in your organization to handle

Cyber Security related incidence citing an actual/imaginary scenario

5. End Point Security Policy

6. Log Management and Review Policy/ Data Classification and Back Up Management

policy

These presentations were evaluated by eminent jury drawn from industry (Mr. Ashutosh Chaddha,

Microsoft), Academia (Dr. Rahul Johari, faculty at University School of Information and

2 | P a g e

Communication Technology, Guru Gobind Singh Indraprastha University, Dwarka), government

(Mr. Dipak Singh), renowned practitioner (Mr. Rakshit Tandon) and IIPA seniors (Dr. Charru

Malhotra). The best two presentations were given the first and second position respectively.

In the valedictory session, Shri Pankaj Kumar, IAS (Additional Secretary- MeitY) in his

valedictory address referred to this training by IIPA as a “historical event” – since it was the first

training program of the prestigious CyberSecurity Bharat Initiative flagged off by the Prime

Minister of India.

Overall, the dignitaries, industry, and participants all hailed this endeavor by IIPA as a unique PPP

capacity building effort that would surely empower government departments to be more cyber

resilient.

This highly intense skill based cybersecurity training was designed, and coordinated by Dr. Charru

Malhotra (Associate Professor – e-Governance and ICT), Indian Institute of Public Administration

and Mr. Kamal Jain (SGM CB, NeGD, MeitY).

Some glimpses of the CISO Deep Dive Training

June 12-15, 2018

Pic 1: Group Photograph of the Inaugural session - Dr. Gulshan Rai (National Cyber Security Coordinator, PMO) in the

center,flanked by L to R - Dr. T. Chatterjee (Director, IIPA), Mr. Rakesh Maheshwari (Group Coordinator, MeitY), Mr. Dipak

Singh (Sr. Director MeitY). To the left of Dr. Gulshan Rai (centre) is Dr. Charru Malhotra (Associate Professor IIPA), Mr. Ashutosh

Chadha (Group Director, Government Affairs & Public Policy, Microsoft), Mr. Kamal Jain( Sr. General Manager, NeGD) and Mr.

3 | P a g e

Vinay Singh (NeGD).In the second row- Prof. V.K. Sharma (Sr. Professor IIPA). Last row L to R : Mr. Vidhur Gupta ( Partner,

Advisory Services, E & Y) and NavinKaul ( Sr. Manager, E & Y) along with training participants and IIPA team .

Pic 2: Dr. Gulshan Rai (National Cyber Security

coordinator) with Dr. Tishyarakshit Chatterjee (Director IIPA) along with Mr. Dipak Singh from

MeitY and Dr. Charru Malhotra at the inaugural

ceremony on 12/6/2018

Pic 3: Mr.Rakesh Maheshwari (Group coordinator

MeitY) addressing the CISOs at the inaugural

ceremony on 12/6/2018

Pic 4: CISOs attending the Deep Dive Training

4 | P a g e

Pic 5: Sh. Pankaj Kumar addressing the CISOs in the

valedictory session 15/6/2018

Pic 6: Dr. Charru Malhotra addressing the CISOs in the

valedictory session on 15/6/2018

Pic 7: Dr. Charru Malhotra and Prof. V.K. Sharma along with

Mr.Dipak Singh (MeitY) giving Shri Pankaj Kumar ( Additional Secretary, MeitY) a token of gratitude at the

valedictory session on 15/6/2018

5 | P a g e

Pic 8: Group photograph of the Valedictory session 15/8/2018- Shri Pankaj Kumar ( Additional Secretary, MeitY) in the center with Mr. Dipak Singh

(MeitY), Mr. Kamal Jain (NeGD), Prof V.K. Sharma (professor IIPA), Dr. Charru Malhotra (Associate Professor, IIPA). To the left of Shri Pankaj Kumar

Mr. Ashutosh Chadha, Mr. Rahul Johari (Jury members)