Data Centres, VPS providers, Cloud Service providers and VPN Service providers are also given additional time for implementation of mechanisms relating to validation aspects of subscribers/customer’s details. CERT-In extends timelines for enforcement of Cyber Security Directions till 25 September 2022 for MSMEs and for the validation aspects of subscribers/customer’s details. It will enable MSMEs to build the capacity required for the implementation of the Cyber Security Directions of 28.04.2022.
On the 28th of Jun month of 2022, the CERT-in issued Some guidelines,
The Indian Computer Emergency Response Team (CERT-In) serves as the national agency for performing various functions in the area of cyber security in the country as per provisions of section 70B of the IT Act, 2000. CERT-In continuously analyses cyber threats and handles cyber incidents tracked and reported to it.
CERT-In issued directions relating to information security practices in the exercise of powers bestowed u/s 70B(6) of the Information Technology Act to promote Open, Safe & Trusted and Accountable Internet in the country on 28 April 2022.
Subsequently, in response to general queries received by CERT-In, a set of Frequently Asked Questions (FAQs) document was also released by Hon’ble Minister of State for Electronics & Information Technology & Skill Development and Entrepreneurship, Shri Rajeev Chandrasekhar on 18 May 2022 to enable better understanding of various stakeholders as well as to promote Open, Safe & Trusted and Accountable Internet in the country.
MeitY and CERT-In are in receipt of requests for the extension of timelines for implementation of these Cyber Security Directions of 28th April 2022 in respect of Micro, Small and Medium Enterprises (MSMEs). Further, additional time has been sought for the implementation of mechanisms for the validation of subscribers/customers by Data Centres, Virtual Private Server (VPS) providers, Cloud Service providers and Virtual Private Network Service (VPN Service) providers.
The matter has been considered by CERT-In and it has been decided to provide an extension till 25 September 2022 to Micro, Small and Medium Enterprises (MSMEs) in order to enable them to build the capacity required for the implementation of the Cyber Security Directions.
In addition, Data Centres, Virtual Private Server (VPS) providers, Cloud Service providers and Virtual Private Network Service (VPN Service) providers are also provided with additional time till 25 September 2022 for the implementation of mechanisms relating to the validation aspects of the of subscriber’s/customers details. The order to this effect is available at https://www.cert-in.org.in/Directions70B.jsp
An additional set of FAQs is also being published at https://www.cert-in.org.in/Directions70B.jsp which would address specific queries received by CERT-In recently.