NIST's guidance for a Zero Trust Architecture

Uncategorized

Report breaches to CERT-In within six hours: Indian government’s order to organizations

On April 28, the Indian government’s Computer Emergency Response Team (CERT-In), the cyber response wing of Ministry of Electronics and IT (MeitY), issued a fresh order directing organizations (including service providers, intermediaries, data centers and corporate bodies) to report major security incidents, within six hours after notice.

In a move to improve incident response, protect organizational data/information and ICT infrastructure, the advisory stated: “CERT-In has issued directions relating to information security practices, procedure, prevention, response and reporting of cyber incidents under the provisions of sub-section (6) of section 70B of the Information Technology Act, 2000. These directions will become effective after 60 days.”

The report added, “The directions cover aspects relating to synchronization of ICT system clocks; mandatory reporting of cyber incidents to CERT-In; maintenance of logs of ICT systems; subscriber/customer registrations details by Data centers, Virtual Private Server (VPS) providers, VPN Service providers, Cloud service providers; KYC norms and practices by virtual asset service providers, virtual asset exchange providers and custodian wallet providers. These directions shall enhance overall cyber security posture and ensure a safe & trusted Internet in the country.”

The rule is said to take effect within sixty days post the order’s release.

Related posts
Recent AD NewsUncategorized

Chinese hackers exploit log4j to target VMWare Horizon servers

Uncategorized

The New 250 GB Upload Limit for Microsoft 365. Good or Bad?