Cybersecurity , Risk Management

Passport Seva's Simli on How to Build In Security

Technology Leader Shares Insights for Government Agencies in India

When Passport Seva, the agency under India's Ministry of External Affairs that manages all passport services, underwent digitization and a technology overhaul, it emphasized building in security in a structured manner, says Golok Kumar Simli, the agency's principal consultant and head of technology.

See Also: Effective Cyber Threat Hunting Requires an Actor and Incident Centric Approach

"Right from conceptualization to defining the solution architecture and the deployment, there needs to be a clarity of purpose," Simli says in a video interview at Information Security Media Group's recent GovInfoSec Summit in Delhi. "What are you proposing, and what do you plan to achieve? You need to have a good visibility of who your stakeholders are and what they are doing within the environment."

Simli advises government practitioners to adopt a risk-based approach to security and ensure risk assessments are done prior to any technology investment. He believes a structured approach can benefit all government agencies struggling with information security challenges.

In this video interview, Simli offers insights based on his experience implementing a 24x7 security operations center staffed by ministry personnel and a service provider. The SOC is designed to help the agency proactively detect and respond to security incidents in near real-time, he says. He also discusses:

  • Security strategy recommendations for government agencies;
  • Lessons learned from running a proactive security program at a government agency;
  • Insights on effectively managing service providers.

Simli is principal consultant and head of technology for Passport Seva under India's Ministry of External Affairs. He has more than 22 years of experience in information and communications technology projects, including more than 10 years in government. Previously, he worked at the Reserve Bank of India as well as in in the oil and gas, power, and banking and finance sectors. His major projects have included mission mode projects under NeGP, the National e-Governance Plan of India; government data centers for secure and centralized information sharing; cloud technology; and capacity-building and change management in government departments.


About the Author

Varun Haran

Varun Haran

Associate Editor, ISMG

Haran has been a technology journalist in the Indian market for over six years, covering the enterprise technology segment and specializing in information security. He has driven multiple industry events such as the India Computer Security Conferences (ICSC) and the first edition of the Ground Zero Summit 2013 during his stint at UBM. Prior to joining ISMG, Haran was first a reporter with TechTarget writing for SearchSecurity and SearchCIO; and later, correspondent with InformationWeek, where he covered enterprise technology-related topics for the CIO and IT practitioner.




Around the Network