The Ministry of Electronics and Information Technology, or MeitY, under the Government of India, unveiled the Draft Digital Personal Data Protection Rules on Jan. 3, 2025. The DPDP Rules mark a pivotal moment in India's regulatory landscape, setting stringent guidelines for handling personal data. These rules significantly elevate responsibilities for CISOs, focusing on data privacy, security and compliance. Non-compliance risks include significant financial penalties, loss of customer trust and operational disruptions, underscoring the critical need for proactive alignment with these regulations.

The fundamental questions are: What challenges do these rules present and what changes must CISOs implement to comply with the Act's clauses? 

In this session, the panelists will cover: 

• The implications of the DPDP Rules on enterprise security;
• Imperative changes security leaders must implement for compliance;
• Evolving a new governance structure amid AI-driven innovations without compromising security;
• Critical clauses that help respond to breaches.