Technology News
  • Home
  • Internet
  • Internet News
  • Global Tech Industry Body Seeks Revision in India's Directive on Reporting of Cybersecurity Breach

Global Tech Industry Body Seeks Revision in India's Directive on Reporting of Cybersecurity Breach

ITI asked for a wider stakeholder consultation with the industry before finalising on the directive.

By Press Trust of India | Updated: 7 May 2022 10:43 IST
Global Tech Industry Body Seeks Revision in India's Directive on Reporting of Cybersecurity Breach

CERT-In asked firms to report cybersecurity breaches within 6 hours

Highlights
  • The directive has the potential to improve India's cyber security posture
  • Certain provisions in the bill may negatively impact global enterprises
  • CERT-In wants firms to enable logs of all their ICT systems
Advertisement

US-based technology industry body ITI, having global tech firms such as Google, Facebook, IBM and Cisco as its members, has sought a revision in the Indian government's directive on reporting of cyber security breach incidents. ITI said that the provisions under the new mandate may adversely impact organisations and undermine cybersecurity in the country.

ITI country manager for India Kumar Deep, in a letter to CERT-In chief Sanjay Bahl dated May 5, asked for a wider stakeholder consultation with the industry before finalising on the directive.

"The directive has the potential to improve India's cybersecurity posture if appropriately developed and implemented, however, certain provisions in the bill, including counterproductive incident reporting requirements, may negatively impact Indian and global enterprises and undermine cybersecurity," Deep said.

Indian Computer Emergency Response Team (CERT-In) on April 28 issued a directive asking all government and private agencies, including internet service providers, social media platforms and data centres, to mandatorily report cybersecurity breach incidents to it within six hours of noticing them.

The new circular issued by the CERT-In mandates all service providers, intermediaries, data centres, corporates and government organisations to mandatorily enable logs of all their ICT (Information and Communication Technology) systems and maintain them securely for a rolling period of 180 days and the same shall be maintained within the Indian jurisdiction.

ITI has raised concerns over the mandatory reporting of breach incidents within six hours of noticing, to enable logs of all ICT systems and maintain them within Indian jurisdiction for 180 days, the overbroad definition of reportable incidents and the requirement that companies connect to the servers of Indian government entities.

Deep, in the letter, said that the organisations must be given 72 hours to report an incident in line with global best practices and not just six hours.

ITI said that the government's mandate to enable logs of all covered entities' information and communications technology systems, maintain logs "securely for a rolling period of 180 days" within India and make them available to the Indian government upon request is not a best practice.

"It would make such repositories of logged information a target for global threat actors, in addition to requiring significant resources (both human and technical) to implement," Deep said.

ITI also raised concern on the requirement that "all service providers, intermediaries, data centres, body corporate and government organisations shall connect to the NTP servers of Indian labs and other entities for synchronisation of all their ICT systems clocks".

The global body said that the provisions could negatively affect companies' security operations as well as the functionality of their systems, networks and applications.

ITI said that the government's current definition of reportable incident to include activities such as probing and scanning is far too broad given probes and scans are everyday occurrences.

"It would not be useful for companies or CERT-In to spend time gathering, transmitting, receiving and storing such a large volume of insignificant information that arguably will not be followed up on," Deep said.

ITI has asked the government to defer timeline for implementation of the new directive and launch a wider consultation with all stakeholders for its effective implementation.

ITI demanded CERT-In to "revise the directive to address the concerning provisions with regard to incident reporting obligations, including related to the reporting timeline, scope of covered incidents and logging data localisation requirements".

Xiaomi 12 Pro is littered with features, but is that enough? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Cybersecurity, Google, IBM, Facebook, Cisco
Faulty Battery Cells, Modules Likely Caused E-Scooter Fires in India, Initial Probe Said to Find

Related Stories

Global Tech Industry Body Seeks Revision in India's Directive on Reporting of Cybersecurity Breach
Comment
Share on Facebook Gadgets360 Twitter Share Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Featured
Follow Us
Latest Videos
More Videos
Tech News in Hindi
More Technology News in Hindi

Advertisement

Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. JioCinema Premium Plans With Ad-Free 4K Streaming Announced: See Price
  2. Apple iPhone 15 Receives Price Cut on Flipkart: Here's How Much It Costs
  3. OnePlus 13 Tipped to Feature Same Screen Size as the OnePlus 12
  4. OnePlus Watch 2 Gets a New Nordic Blue Colour Variant: See Price
  5. iQoo Z9 Turbo, iQoo Z9, iQoo Z9x Launched: Check Price, Specifications
  6. Oppo K12 With 100W Wired SuperVOOC Charging Launched: See Price
  7. Philips 5000 Series Indoor 360-Degree Security Camera Launched in India
  8. GTA San Andreas Cheat Codes for PC, PlayStation, Xbox, Switch and Mobile
  9. Flipkart Upcoming Sale 2024: Check out Next Sale Date and Best Offers
  10. Apple Might Finally Release a Calculator App for the iPad: Report
#Latest Stories
  1. Philips 5000 Series Indoor 360-Degree Security Camera With Offline Recording Launched in India
  2. Apple's Calculator App to Get a Major Upgrade, Could Be Released on the iPad: Report
  3. WhatsApp Now Supports Face Unlock for App Lock on Pixel 8 and Pixel 8 Pro
  4. Threads Is Testing an Automatic Post Archive Feature to Let Users Hide Old Posts
  5. US Seeks 3 Years Prison for Binance Founder Changpeng Zhao
  6. Nothing Phone 1 Gets ChatGPT Integration, RAM Booster, and More With Nothing OS 2.5.5 Update
  7. Hyundai, Kia to Launch First India-Made EVs Next Year
  8. Apple iPhone 15 Price in India Temporarily Cut on Flipkart: Here's How Much It Costs Now
  9. Oppo A3 With 6.67-Inch Display, 50-Megapixel Dual Rear Cameras Listed on TENAA
  10. Assassin's Creed Mirage Will Not Get DLC, but Protagonist Basim's Story Can Be Explored Further, Says Director
Gadgets 360 is available in
Follow Us
Download Our Apps
App Store App Store
Available in Hindi
App Store
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »