CERT-In issues guidelines to plug security gaps at govt organisations

All government employees, including temporary, contractual, and outsourced professionals, are required to strictly adhere to the guidelines

To bridge the technical and policy gaps in cybersecurity of government organisations, the Indian Computer Emergency Response Team (CERT-In) on Friday released guidelines on information security practices for all government entities.

The guidelines require government organisations to mandatorily report cyber incidents to CERT-In within six hours of noticing them, like private entities do. They must do so even if third parties flag such incidents. The information shall be shared with stakeholders like sectoral CERTs and regulators.

“We are expanding and accelerating on Cyber Security – with focus on capabilities, system, human resources, and awareness. The guidelines are an important part