What's New :
Target PT - Prelims Classes 2025. Visit Here
What's New :

info@iasscore.in

8448496262

हिन्दी

CURRENT AFFAIRS FOR UPSC IAS

CERT-In guidelines for Cyber Security breach

facebook sharing button
telegram sharing button
whatsapp sharing button
twitter sharing button
twitter sharing button Copy

Published: 7th May, 2022

Context

CERT-In has asked all government and private agencies, including internet service providers, social media platforms and data centres, to mandatorily report cyber security breach incidents to it within six hours of noticing them.

About

The new directives:

  • The directions have been issued under the provisions of sub-section (6) of section 70B of the Information Technology Act, 2000 after CERT-In found certain gaps that were “causing hindrance to incident analysis".
  • CERT-In said these directions will enhance “overall cybersecurity posture" and guarantee “safe and trusted Internet" in the country.
  • Under the directions on incident reporting, CERT-In has said that service providers will also have to provide information and assistance to CERT-In for any action taken to mitigate the impact of the cyber incident.
  • The information has to be provided in a specified format and time frame, failing which it will be treated as non-compliance, CERT-In warned.
  • The new directions issued by CERT-In require virtual asset, exchange, and custodian wallet providers to maintain records on KYC and financial transactions for a period of five years.
  • Companies providing cloud, virtual private network (VPN) will also have to register validated names, emails, and IP addresses of subscribers.
  • To ensure the chain of events is accurately reflected in the time frame, service providers have been asked to connect and synchronize all their ICT systems clocks to the Network Time Protocol (NTP) Server of the National Informatics Centre (NIC) or National Physical Laboratory (NPL).
  • NTP is a protocol used for reliably transmitting and receiving accurate time sources over TCP/IP-based networks.
  • It is used for synchronizing the internal clock of computers to a common time source.
  • CERT-In has also directed service providers to enable and securely maintain logs of all their ICT systems for a period of 180 days.
  • The cyber incidents that require mandatory reporting include everything from phishing attacks, identity theft, data breach, data leak, IoT attacks to targeted scanning of critical networks, compromise of critical systems, defacement of websites, or malicious code attacks such as ransomware, spyware or crypto miners. 

CERT-In:

  • CERT-In is the national nodal agency for responding to computer security incidents as and when they occur.
  • The constituency of CERT-In is the Indian Cyber Community.
  • CERT-In was established in 2004 as a functional organization of the Ministry of Electronics and Information Technology.
  • The purpose of CERT-In is to respond to computer security incidents, report on vulnerabilities and promote effective IT security practices throughout the country.
  • The Computer Emergency Response Team (CERT-In) has been designated to serve as the national agency to perform the following functions:
    • To collect and analyse information on cyber incidents
    • To forecast and give alerts of cybersecurity incidents
    • To provide emergency measures for handling cybersecurity incidents 
    • To coordinate cyber incident response activities
    • To issue guidelines, advisories, vulnerability notes and white papers relating to information security practices, procedures, prevention, response and reporting of cyber incidents

More Articles

Nag Mk-2 Anti-Tank Missile
Ayushman Bharat Pradhan Mantri Jan Arogya Yojana (AB PM-JAY)
Tensions Along LAC and LoC
India-Bangladesh Broder Fencing
Swami Vivekananda (1863 –1902)
Japan Earthquake
X

Verifying, please be patient.

GS SCORE is a teaching platform for Civil Services Examination, both in classroom and online.

Our Center

Delhi (Karol Bagh) Centre

GS SCORE, Second Floor, Metro Tower, 1B, Pusa Road,
Karol Bagh, New Delhi - 110005 (Beside Karol Bagh
Metro Station Gate No. 8)

Email: info@iasscore.in

Phone: +91 8448496262

COURSES

TOPPER'S CORNER

RESOURCES

STATE PCS

ACTIVITY

POLICY

Still Have Questions?

84484 96262
Enquire Now