MINISTER IN THE STATE IN THE MINISTRY OF COMMUNICATIONS AND INFORMATION TECHNOLOGY (SHRI KAPIL SIBAL)
(a) to (f): A Statement is laid on the Table of the House.
STATEMENT REFERRED TO IN REPLY TO LOK SABHA STARRED QUESTION NO. 361 FOR 06.12.2010 REGARDING INFORMATION
SECURITY AWARENESS.
(a): The Information Security System including information security professionals in the country covering
People, Process and Technology comprises of:
(i) Legal framework in the form of Information Technology Act, 2000 as amended by the Information Technology
(Amendment) Act, 2008, in support of responsible action by stakeholders and effective prosecution.
(ii) Security best practices by way of compliance to international standards including implementation
of Crisis Management Plan and Cyber Security Drills.
(iii) Early Warning and Response to Cyber Security incidents through the Indian Computer Emergency Response
Team (CERT-In) for effective cyber incident prevention and resolution.
(iv) Research and Development in core technology areas leading to development of security products and
solutions.
(v) Training and capacity building to enhance cyber security skills and competence through domain specific
training programmes, seminars and workshops.
(vi) Information Security awareness campaign for mass outreach through targeted awareness programmes,
web portals, promotional material and awareness kits aimed at students, children, general users of
Information Technology.
(vii) Information Sharing and Collaboration at national and international level in the form of security
cooperation agreements with Industry, Academia and international agencies for rapid incident response
and vulnerability remediation.
The Information Security System as described above is in place and is being continuously upgraded.
(b) and (c): Government is continuously engaged in enhancing the present level of awareness amongst
the users of Information Technology through the Information Security System mentioned in para (a)
above. However, there are challenges in view of rapid changes in the field of IT and emergence of
newer vulnerabilities and threats to Information Technology systems. Government has taken the
following steps to enhance information security awareness amongst users.
# Country wide information security awareness campaign in association with Data Security Council
of India (DSCI)/NASSCOM.
# Skill specific training programmes and workshops aimed at all types of users.
# Dissemination of security related information for end users including home users
and children through web portals such as “secureyourPC.inâ€, “infosecawareness.inâ€.
# Publication of Security guidelines, manuals, leaflets etc.
# Distribution of awareness kits containing promotional material and handbooks.
(d) to (f): Government is implementing Information Security Education and Awareness
(ISEA) Project from March 2005 with a budget outlay of Rs. 70 crore.
The ISEA Project is aimed towards development of human resource in the area of Information
Security at various levels (Certificate Level to B.Tech, M.Tech & Ph.D Level). This activity
is presently being implemented through 6 Resource Centres (RC) as mentoring institutions and
33 Participating Institutes (PI). The project also has a component on awareness; and imparting
of training to the Central and State Government Officers on issues related to Cyber / Information
Security.
The project as approved, is scheduled to be completed in March, 2012.
