DSCI's Bajaj Steps Down
Rama Vedashree Appointed Interim CEOOfficial sources at the Data Security Council of India confirm that its CEO, Dr. Kamlesh Bajaj has retired. DSCI also confirms the appointment of Rama Vedashree, vice president at NASSCOM, as its interim CEO until a permanent CEO is appointed.
See Also: Bolstering APAC’s Security Posture with Accelerated ZTNA
Security experts say that Bajaj carried out a vision of making DSCI a strong regulatory body and voice for security professionals, and he was instrumental in establishing effective security policies in the country.
DSCI is scouting for a new CEO. According to sources, the individual must be associated with the industry and have served in senior positions. "The DSCI board is evaluating various candidates to appoint a new CEO," a DSCI source says.
Bajaj Legacy
Bajaj came on board as the CEO of DSCI in May 2008 and was instrumental in establishing an intrinsic work plan to bring in best practices for data security and privacy protection.
Under his leadership, DSCI rolled out a data security framework and data privacy framework, which have been absorbed by various institutions in the country. As a strong proponent of data privacy and protection under the IT (Amendment) Act, 2008, and in his role of public advocacy, he was engaged in building DSCI into a self-regulatory organization using best practices accepted by regulators in other countries.
Speaking to Information Security Media Group in reference to data protection, Bajaj once said, "India's data protection standards are strong, but to be truly secure, organizations must protect themselves above those standards."
He always advocated open-ended flexibility when it came to implementing privacy programmes. For instance, referring to the AP Shah Committee report looking into privacy issues in India, Bajaj said, "Any privacy laws must be kept simple and flexible to be able to implement it. Open-ended flexibility will go a long way in incubating genuine privacy programmes in organizations."
Prior to taking up the position at DSCI, Bajaj was the founder and director of India's Computer Emergency Response Team, under the ministry of communications and IT, Government of India. He was the co-chair of Indo-US Cyber Security Forum for a year. As deputy controller of Certifying Authorities, he established the techno-legal framework for key public infrastructure in the country. Before that, he served as deputy director general, National Informatics Centre.
Successor's Challenges
Experts says the interim CEO, Vedashree, has a huge task ahead in supporting DSCI's vision for building awareness around cybersecurity and data protection, given the increase in cybercrime and the evolving nature of attacks.
Vedashree has been associated with NASSCOM for over five years, leading domestic IT and IT services verticals. Prior to that, she was director, sales excellence at Microsoft Global Services.
In reacting to his retirement, security experts talk about how Bajaj established the footprint for DSCI as the organization engaged in data protection and was a voice for the community at various forums and government interactions.
"It would not be an exaggeration to say that Dr. Bajaj single-handedly nurtured DSCI and built the organization to what it is now from ground zero," says Delhi-based Felix Mohan, CEO at CISO Academy.
'It was a herculean task to establish a data privacy and protection policy, given the administrative and bureaucracy hurdles," Mohan says. "Dr. Bajaj diligently worked towards developing this framework after taking cognizance from the government."
Delhi-based Sivarama Krishnan, PWC's director and leader of India cybersecurity, governance, risk and compliance, was involved in the designing of the DSCI model along with Bajaj. "All kudos go to Dr. Bajaj for creating an entity such as DSCI whose standards have been adopted by academicians and other groups, globally," Krishnan says. "One cannot overlook the relentless efforts by Dr. Bajaj in having a series of dialogues with government bodies, and in particular, the ministry of home affairs, in getting due recognition for information security."