- National Security Database
-
National Security Database is an official program jointly developed in support with the Government of India by 'Information Sharing an Analysis Center' (ISAC), to identify and maintain a verified list of credible and trustworthy Information security experts who work to protect the National Critical Infrastructure and cyber space of India.
The program, with an intent to identify valued security experts has multiple specialty domains under Information security, in which professionals can apply for empanelment in the database by clearing a technical lab examination and psychometric test. The program does not award any certification and provides credible recognition in form of empanelment in the database under specfic security domain.
Contents
History
The project was conceieved after the horrific 2008 Mumbai attacks to protect the National Critical Infrastructure and Cyber space of India. The program was founded under a non-profit section 25 company 'Information Sharing and Analysis Center', in support with highly specialized technical intelligence agency NTRO, Government of India.
Earlier, the program was announced as a pilot at the International Malware Conference, MalCon in 2010 in Mumbai where Indian Government officials reportedly asked Indian hackers to learn chinese [1] [2].
Program Launch
The program is set for release on 26th November [3], the same date of the 2008 Mumbai Attacks, at the International Malware Conference, MalCon at JW Marriott, Mumbai. The program is reportedly planned to be inaugurated by Sachin pilot, Minister of State in Ministry of Communications and Information Technology.
Access Restrictions
The emplanelment in database can only be applied by Indian citizens and a limited access is available to the Industry to benefit from list of credible experts. However, a major part of the database access is restricted to supporting Indian Government organizations.
Debate
The program is largely believed to identify professional ethical hackers and security experts by the Government of India to protect it's critical infrastructure and cyber space. IT minister Kapil Sibal has reportedly expressed the need of community of Ethical Hackers [4].
Alok Vijayant, director of the information dominance group at the National Technical Research Organisation, the nation’s chief technical intelligence monitoring authority, quoted[5] in an interview with India's top most weekly magazine Outlook, that NSD should not be “trivialised” by describing it as just as a group of hackers. “Supported by the government and the industry, NSD is a good initiative, since it will provide a readymade database of the most credible security professionals. This is more so because information security is a domain where individuals have the skills and not companies and they tend to regularly move from one firm to another.”
Official support to the project
NSD is officially endorsed by multiple Indian Government organizations including the NTRO with a formal MoU [6], for the stated National objectives with recognition of the foundation and a declared support for the work being done. The collaboration is open and all supporting organizations who need to access the database can do so with a formal MoU with the body.
Industry and Community contribution
various organizations are actively participating and supporting the National Security Database. Notable organizations having voluntary representations governing the NSD advisory panel at a national level include the HoneyNet India Chapter, Microsoft India and the country's oldest security conference clubhack.
Current Specialty Domains of NSD
The National Security Database program has the following specialty domains under which professionals can apply for empanelment:
- Information Security Compliance and pentration Testing
- Reverse Engineering
- Web Application Security
- Malware Research and Analysis
- Exploit Development
- Mobile Application Security
- Digital Forensic Analysis
- Fraud Investigation
In a quote with Outlook magazine, the Director of ISAC, Rajshekhar Murthy stated[7] that It is necessary to have people who are not only competent but also have a high degree of trustworthiness and integrity. "The selection process will involve examination of references, technical skills, criminal history, and even psychological assessment to generate a credit report for security clearance.”
Notes
- ^ http://www.mid-day.com/news/2010/dec/051210-ethical-hackers-chinese-lessons-red-attacks-mumbai.htm
- ^ http://kohi10.wordpress.com/2010/12/05/got-mad-hacking-skillz-speak-chinese/
- ^ http://www.techgoss.com/Story/3921S14-NSD-launch-in-Mumbai.aspx
- ^ http://articles.economictimes.indiatimes.com/2011-11-16/news/30405872_1_cyber-security-kapil-sibal-community-of-ethical-hackers
- ^ http://www.outlookindia.com/article.aspx?279001
- ^ http://nsd.org.in/web/about/
- ^ http://www.outlookindia.com/article.aspx?279001
Wikimedia Foundation. 2010.