Introduction

During the course of handling cyber incidents and interactions with the constituency, CERT-In has identified certain gaps causing hindrance in incident analysis. To address the identified gaps and issues so as to facilitate incident response measures, CERT-In has issued directions relating to information security practices, procedure, prevention, response and reporting of cyber incidents under the provisions of sub-section (6) of section 70B of the Information Technology Act, 2000.

The directions make it mandatory for firms to report all incidents of cybersecurity vulnerabilities within six hours of noticing. The directions expand the range of what needs to be reported as it applies to all government and private sector companies. It also requires the maintenance of logs of ICT servers over a period of 180 days. The logs of company ICT servers will be aligned with the network time protocol (NTP) servers of India’s National Informatics Centre (NIC). CERT-In has reported that a total number of 14,02,809 cyber security incidents across various sectors such as E-commerce, energy, finance, government, healthcare, information technology, manufacturing, telecom, transportation, etc. were reported during the year 2021."

Ark Legal invites you to join us for colloquium where we discuss and brainstorm trailblazing legal and technical solutions to burning regulatory issues of the time. This colloquium is a high-powered closed-door gathering and provides a platform for exchanging thoughts and ideas for business problem solving through innovative legal and technical solutions. Participation in this colloquium is open to limited slots and by invitation only. If you wish to be a part of this event, please register for the event, and we will confirm your place subject to availability.