Note: This advice is offered free with no obligations
The Indian government has set in motion an ambitious plan to develop its own software & operating systems after the spurt in cyber attacks on Indian establishments. I think this is a bad idea and being an Indian i thought of contributing. The Problem is not with the OS or software, it is with the way IT is managed.
Indian government should look at addressing the management of IT; developing a OS (or software) is not the solution. I am sure existing players can do a better job because they have matured their processes over time and it is really a mammoth task. If i were to address this problem, i would start with this to-do list:
- Do a risk assessment and then develop a risk management system
- Develop an security management system or adopt some existing system like ISMS
- Create a security plan & include specific plans for departments/units
- Develop security evangelists in government departments
- Implement technical systems like standard hardening like US Fed's or have special a government build
No comments:
Post a Comment