New CERT-In Directions: Overview and Implications
The Indian Computer Emergency Response Team, commonly referred as CERT-In was established in 2004 as the national agency responsible for acting in the face of cyber incidents, including making forecasts, undertaking emergency measures for handling such incidents, and issuing guidelines for infosec practices. Historically, CERT-In has been often criticized for its inaction on reported cyber security incidents. However, since 2021, it has taken a seemingly pro-active stance to seek more information and require reporting of incidents to affected individuals, as the lack of adequate and relevant information on cyber incidents significantly impacts the risk assessment and mitigation exercises. On April 28, 2022, CERT-In has notified a new set of directions relating to information security practices, procedures, prevention, response and reporting of cyber incidents for safe & trusted internet (Directions) under Section 70B(6) of the Information Technology Act.[1]
Read More: https://www.psalegal.com/new-cert-in-directions-overview-and-implications/
