Creating a secure cyber ecosystem
- To designate a National nodal agency to coordinate all matters related to cyber security in the country, with clearly defined roles & responsibilities.
- To encourage all organizations, private and public to designate a member of senior management, as Chief Information Security Officer (CISO), responsible for cyber security efforts and initiatives.
Creating an assurance framework
- To promote adoption of global best practices in information security and compliance and thereby enhance cyber security posture.
- To create infrastructure for conformity assessment and certification of compliance to cyber security best practices, standards and guidelines (Eg. ISO 27001 ISMS certification, IS system audits, Penetration testing / Vulnerability assessment, application security testing, web security testing) .
Encouraging Open Standards
- To encourage use of open standards to facilitate interoperability and data exchange among different products or services.
- To promote a consortium of Government and private sector to enhance the availability of tested and certified IT products based on open standards.
strengthening the Regulatory framework
To develop a dynamic legal framework and its periodic review to address the cyber security challenges arising out of technological developments in cyber space (such as cloud computing, mobile computing, encrypted services and social media) and its harmonization with international frameworks including those related to Internet governance.
Information sharing and cooperation
- To develop bilateral and multi-lateral relationships in the area of cyber security with other countries.
- To enhance National and global cooperation among security agencies, CERTs, Defence agencies and forces, Law Enforcement Agencies and the judicial systems.
Creating Cyber Security Awareness
- To promote and launch a comprehensive national awareness program on security of cyberspace.
- To sustain security literacy awareness and publicity campaign through electronic media to help citizens to be aware of the challenges of cyber security.
Developing effective Public Private Partnerships
- To facilitate collaboration and cooperation among stakeholder entities including private sector, in the area of cyber security in general and protection of critical information infrastructure in particular for actions related to cyber threats, vulnerabilities, breaches, potential protective measures, and adoption of best practices.
- To create models for collaborations and engagement with all relevant stakeholders.