Union Government Fixed a Deadline to Report Within Six Hours of Cybersecurity Incident

BANKING AND ECONOMY

For the first time, the Union Government fixed a deadline for all the Indian companies must report to the Indian Computer Emergency Response Team (Cert-In) regarding any form of a cybersecurity incident. They have to report within six hours of the incident. The notification was issued by the Union Ministry of Electronics and Information Technology (Meity).

The Ministry categorizes cybersecurity as 20 categories which also include defacement of websites, unauthorized access to social media, data breaches and data leaks.

The penalties under Section 70B of the Information Technology (IT) Act, 2000 remained unchanged. The penalties will be imposed on the companies for not responding to notices from Cert-In. The penalties include imprisonment of up to one year and a fine of up to ₹1 lakh.

Some experts termed the new regulations as ‘excessive’ and ‘overreaching’, as the new rules also require virtual asset service providers, such as cryptocurrency exchanges, to maintain five-year logs of know-your-customer (KYC) data and information on every financial transaction so that individual transactions can be reconstructed in case of a cyber incident.

Companies use time servers to connect to a reference server - in this case, the network time protocol (NTP) of the National Informatics Centre (NIC) and provide this time data to the rest of the server infrastructure. The same is used to coordinate time stamps across a company’s overall connected infrastructure.

 

   Important points for the exam:

  • The Union Ministry of Electronics and Information Technology (MeitY) issued a notification that fixed a deadline for all the Indian companies must report to the Indian Computer Emergency Response Team (Cert-In) regarding any form of a cybersecurity incident.
  • The fixed deadline is six hours after the incident.
  • For any violations, the penalties include imprisonment of up to one year and a fine of up to ₹1 lakh under Section 70B of the Information Technology (IT) Act, 2000.
  • The range of cyber incidents that need to be reported into 20 categories, including the defacement of websites, unauthorized access to social media, data breaches and data leaks.

   Facts to know:

  • Union Minister of Electronics and Information Technology: Mr.Ashwini Vaishnaw.
  • Indian Computer Emergency Response Team (Cert-In) was established in 2004.
  • CERT-In was created by the Indian Department of Information Technology.
  • Headquarters of CERT-In: New Delhi.
preparing for jeet

Preparing for Govt. Exams?

Here is you path to Jeet

View courses