India’s National Association of Software and Services Companies (Nasscom) is setting up a watchdog organization that will focus on the introduction and monitoring of best data security and privacy practices in the country’s IT services, call center and business process outsourcing (BPO) industries.“We are planning a self-regulatory organization (SRO) that will be initially set up by Nasscom, but will operate independently with an independent chief executive officer and board,” said Sunil Mehta, vice president of Nasscom in Delhi.The move is one of several measures by Nasscom and the local industry to strengthen data security and privacy in the Indian call center and BPO industries. The organization set up a National Skills Registry in January that enables employers to do background checks of employees they hire.The initiatives by Nasscom come in the wake of allegations in the United States and United Kingdom that Indian call center workers have stolen and sold data processed by Indian outsourcing companies. The SRO aims to raise the bar in data security and privacy by including the best practices currently stipulated by certifications such as the ISO 17799 standard for information security of the International Organization for Standardization in Geneva, as well as data privacy and data protection laws worldwide, Mehta said.“We want to change the rules of outsourcing to India,” he said. “Customers should be interested in outsourcing to India not for lower cost alone, but because of the superior data protection and privacy we offer.” The SRO will be set up by Nasscom later this year, and the chief executive officer and board of directors will be appointed by the organization on behalf of the industry, Mehta said. Membership of the SRO will be open to IT, BPO, and call center companies.“Being a member of the SRO will in effect be a certification, as member companies will have to follow the best practices specified by the SRO,” he said.Besides setting benchmarks and training companies on the best data protection and data privacy practices, the new organization will also have the authority to punish and expel erring member companies.The SRO will be funded for one year by Nasscom, which has budgeted US$300,000 for the purpose. After the first year, the SRO is expected to finance itself from membership, training and audit fees.For more on data security, read 19 Ways to Build Physical Security into a Data Center.Keep checking in at our Security Feed page, or subscribe via RSS, for updated news coverage. By John Ribeiro, IDG News Service Related content news Multibillion-dollar cybersecurity training market fails to fix the supply-demand imbalance Despite money pouring into programs around the world, training organizations have not managed to ensure employment for professionals, while entry-level professionals are finding it hard to land a job By Samira Sarraf Oct 02, 2023 6 mins CSO and CISO CSO and CISO CSO and CISO news Royal family’s website suffers Russia-linked cyberattack Pro-Russian hacker group KillNet took responsibility for the attack days after King Charles condemned the invasion of Ukraine. By Michael Hill Oct 02, 2023 2 mins DDoS Cyberattacks feature 10 things you should know about navigating the dark web A lot can be found in the shadows of the internet from sensitive stolen data to attack tools for sale, the dark web is a trove of risks for enterprises. Here are a few things to know and navigate safely. By Rosalyn Page Oct 02, 2023 13 mins Cybercrime Security news ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year Researchers from Group-IB believe it's likely the group is an independent affiliate working for multiple ransomware-as-a-service operations By Lucian Constantin Oct 02, 2023 4 mins Hacker Groups Ransomware Cybercrime Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe