New cyber security guidelines
Recently, the central government has issued new guidelines on cyber security.
These guidelines have been issued by the Indian Computer Emergency Response Team (CERT-IN). These have been issued under Section 70B of the Information Technology (IT) Act, 2000. These guidelines pertain to information security practices and reporting of cyber incidents.
According to CERT-IN, there has been a three-fold increase in cyber incidents in the year 2020 as compared to the year 2019. A total of 11.8 lakh cases of cyber security breaches were registered in the year 2020.
- All government and private agencies must mandatorily report all cyber breach incidents to CERT-IN within six hours.
- All service providers, intermediaries, data centers and government organizations must mandatorily activate all their communication and information technology (ICT) system logs.
- These must securely retain the logs for a rolling period of 180
- Also, these logs have to be maintained in Indian jurisdiction.
- Virtual Private Server (VPS) providers and cloud service providers are required to enter accurate information regarding customer names, customer recruitment services, etc.
- Also, this information has to be kept secure for a period of five years or more as mandated by law.
- This is an important step towards making India cyber secure. India has improved 37 places to 10th position in the Global Cyber Security Index (GCI) The improvement in the ranking reflects India’s commitment to cyber security.
Steps taken to improve cyber security
- National Cyber Security Policy, 2013 has been released.
- National Cyber Security Strategy 2020 has been prepared.
- The Union Home Ministry has set up the Indian Cyber Crime Coordination Center (14C).
- National Cyber Coordination Center (NCCC) has been established under CERT-IN.
Source – The Hindu