CERT-In mandates all companies to report cybersecurity incidents within six hours

Contact Counsellor

Last Updated02/05/2022

The new guidelines issued by CERT-In to companies operating in India say that service providers, intermediaries, data centres, companies and government organisations must mandatorily report cybersecurity incidents
It has mandated that all cybersecurity incidents such as targeted scanning or probing of critical networks and systems, compromise of critical systems and information, unauthorised access of data and systems among others must be informed to it by the respective companies within six hours of either being made aware of the incident or becoming aware itself.

It has been mandated by CERT-In that Virtual asset exchange providers, virtual asset service providers, and custodian wallet service providers must also save all information acquired as part of financial transaction records and the know your customer (KYC) process for a five-year term.

Individual transactions must be able to be recreated using the information in the transaction records. There must be an account of IP addresses, time zones, and timestamps, public keys (or equivalent identifiers), transaction ID, accounts or addresses involved, transferred amount, and the date and nature of the transaction.

The validated name of the customer, IP addresses utilised and allotted, period of the service, contact and address number, the purpose of the service, and ownership pattern must all be kept by virtual private server providers, data centres, VPN providers, and cloud service providers.

Cyberattacks on Indian organisations have more than doubled in recent years.
For instance, ransomware attacks on Indian organisations in 2021 increased 218% year-on-year (YoY), reported security firm Palo Alto Networks.
So its necessary to report such incidents at earliest to detect their origin as soon as possible.

Prelims Takeaway