National Security Database

History

The project was conceived after the 2008 Mumbai attacks to protect the National Critical Infrastructure and Cyber space of India. The program was founded by Rajshekhar Murthy under a non-profit section 25 company 'Information Sharing and Analysis Center', in support with highly specialised technical intelligence agency NTRO, Government of India.

Earlier, the program was announced as a pilot at the International Malware Conference, MalCon in 2010 in Mumbai where Indian Government officials reportedly asked Indian hackers to learn Chinese.

Program launch

The program released on 26 November, the same date of the 2008 Mumbai Attacks, at the International Malware Conference, MalCon at JW Marriott, Mumbai. The program was inaugurated by shri Sachin pilot, minister of state in the Ministry of Communications and Information Technology.

Access restrictions

The empanelment in database can only be applied by Indian citizens and a limited access is available to the Industry to benefit from list of credible experts. However, a major part of the database access is restricted to supporting Indian government organisations.

Debate

The program is largely believed to identify professional ethical hackers and security experts by the government of India to protect its critical infrastructure and cyber space. IT Minister Kapil Sibal has reportedly expressed the need of community of ethical hackers.

Alok Vijayant, director of the information dominance group at the National Technical Research Organisation, the nation’s chief technical intelligence monitoring authority, quoted in an interview with India's top weekly magazine Outlook, that NSD should not be “trivialised” by describing it as just as a group of hackers. “Supported by the government and the industry, NSD is a good initiative, since it will provide a readymade database of the most credible security professionals. This is more so because information security is a domain where individuals have the skills and not companies and they tend to regularly move from one firm to another.

Official support to the project

NSD is officially endorsed by multiple Indian Government organisations such as CERT-IN and NTRO for the stated National objectives with recognition of the foundation and a declared support for the work being done. The collaboration is open and all supporting organisations who need to access the database can do so with a formal MoU with the body.

Industry and community contribution

Various organisations are actively participating and supporting the National Security Database. Notable organisations having voluntary representations governing the NSD advisory panel at a national level include the HoneyNet India Chapter, Microsoft India and the country's oldest security conference clubhack.

Current speciality domains of the NSD

The National Security Database program has the following speciality domains under which professionals can apply for empanelment:

1. Information security compliance and penetration testing
2. Reverse engineering
3. Web application security
4. Malware research and analysis
5. Exploit development
6. Mobile application security
7. Digital forensic analysis
8. Telecom security (by Invitation)
9. Banking security (by Invitation)

In a quote with Outlook magazine, the director of ISAC, Rajshekhar Murthy stated that It is necessary to have people who are not only competent but also have a high degree of trustworthiness and integrity. "The selection process will involve examination of references, technical skills, criminal history, and even psychological assessment to generate a credit report for security clearance.”

More Information

National Security Database Academy

National Security Database Certification