Sanjay Bahl to Head CERT-INSecurity Practitioners Hope to See a New Agenda and Thrust on Collaboration
According to sources at CERT-In, Dr. Sanjay Bahl has been appointed Director General of the Indian Computer Emergency Response Team.
See Also: Why CASBs Matter to Cloud Security
Bahl will serve as the head of CERT-In for a period of five years, sources say. Currently, he serves as the senior consultant at CERT-In, providing consultancy in the area of policy, governance, risk, compliance, security and privacy to national-level projects in India.
Department of Electronics and Information Technology has been in search of a new director general for CERT-In for the past few months, and Bahl's candidacy was being considered.
The new appointment comes in the wake of the current director general B J Srinath's plan to take voluntary retirement for personal reasons.
During a recent conversation with ISMG, Srinath said, "I have opted for voluntary retirement on personal grounds, and will be serving till March 31, 2016."
While Bahl could not be reached for comment, he acknowledged his appointment to the new role via SMS, without divulging further details.
In all probability, Bahl will take charge starting April 1.
Industry experts welcome DeitY's decision to appoint Bahl. They acknowledge that given his experience with information security, governance, dealing with the risk management and privacy framework in the private and public sectors, Bahl can contribute significantly in his role. They expect to see a different agenda with the change in leadership and a thrust toward effective collaboration between the industry and government.
On conditions of anonymity, a Delhi-based security practitioner says, "We hope to see a different agenda with the change in leadership, a positive step towards securing the nation."
Says Bangalore-based J Prasanna, CEO& Partner at AVS Labs, who works closely with CERT-In, "Hailing from the corporate sector, Bahl understands the nuances of a collaborative approach to resolving issues and can establish better processes to align with public and private sector."
Mumbai-based Sameer Ratolikar, CISO of HDFC Bank, says CERT-In has been doing good work, as compared with the other CERTS in more developed markets, and there is ample opportunity to grow the structure of the organization. "Under Bahl's leadership, new initiatives will be drawn to address cyber threat challenges more effectively," Ratolikar says.
Mumbai-based Dinesh O Bareja, COO of India Watch and president of Open Security Alliance maintains that CERT-In has been in need of a strong leadership, and an individual from a security background. "Bahl brings the right experience and he can bring the changes required to deal with cybersecurity challenges," Bareja says.
While setting certain expectations to take CERT to the next level and also streamline processes to establish better security standards in the country to combat newer threats, security leaders also carve out new responsibilities for Bahl.
Mumbai-based Vishal Salvi, Partner Advisory at PricewaterhouseCoopers, says, "Bahl is the right candidate for the post, and he should broaden his reach and scope of CERT-In's function to expand it to the next level."
Ratolikar believes that the new leader should look at expanding to offer 24x7 support to the community, which has been a challenge.
"As a change in process, CERT-In can look at providing periodic actionable threat intelligence as a nodal body and can take the lead in putting together a cyber resilience policy, while contributing to research activities on cybersecurity," points out Ratolikar.
With his experience of being a CSO himself in the past, Prasanna says Bahl will be in an ideal situation to refresh CERT-In's empanelment policy to help the security community.
The immediate need, according to Ratolikar: "CERT-In should establish a closed group for the practitioner community to exchange information periodically and take stock of the threat landscape, which has not been the case so far."
Varun Haran contributed to this report.