Cybersecurity Starts in the Boardroom
I have reported previously on India’s new laws that will weaken the privacy offered to users of VPN technology: The new laws require the VPN vendors to record identifiable information about the users, and then make that information available to organisations authorised by the government, so effectively removing privacy from …
The deadline for implementing a range of infosec directives, issued by India’s Ministry of Electronics and Information Technology (MeitY) and the Indian Computer Emergency Response Team (CERT-In) has been extended by 90-days. India extends deadline for compliance with IT Directions • The Register InfoSec in Indian now always seems to …
Continue reading “Indian government VPN logging deadline extended”
So the Indian government issued a confidential document to it’s employees on how to keep things secure and secret. It sounds like a great idea and something you should be doing in your organisation – Octagon Technology has such a document. Our document is version controlled, and I, as CISO, …
Continue reading “Indian Government’s confidential information security directive leaks!”
Because of the soon to be law, requirements for VPN companies operating in India, to keep full logs of their user’s activities for five years, so India’s Computer Emergency Response Team (CERT-In) and law enforcement can have access to them – so removing the levels of privacy that a VPN …
I think it is a good thing that the Indian government is giving it’s full support to tightening up cyber security in the country. However it seems that their responses, which seem good on paper are not so when translated into the real world: Indian authorities issue conflicting advice about …
