Guidelines for chief information security officers>
The Indian Express – Pranav Mukul
With an aim to spread awareness about the growing cyber threats to the chief information security officers (CISO) posted in every department of the government, the[Indian] Ministry of Electronics and Information Technology has issued best practices guidelines to ensure a safe and secure cyber environment when it comes to data stored by the government. In its guidelines the IT ministry has eight key best practices for the CISOs to follow. These are: to know the IT environment by undertaking an inventory check of the computers and networked devices and knowing types of data managed by the department; educating and training the employees on types of cyber attacks and safe cyber practices such as strong passwords, multi-factor authentication, secure internet browsing, social media safety, use of USB devices, etc; to review and improve information security policy for the department; to procure genuine software and hardware and keep operating systems updated on a regular basis; to implement and enforce a formal cybersecurity policy framework that includes governance, risk management, compliance, data back-up, enforcement and usage policy statements; to drive strong device protection with encryption and prevent data leakage apart from maintaining logs; to conduct regular and comprehensive cybersecurity reviews; and to use tools for monitoring and detecting anomalies in systems processes coupled with a cyber-response strategy involving.
Link: http://indianexpress.com/article/business/economy/guidelines-for-chief-information-security-officers/