The Indian Computer Emergency Response Team (CERT-In) has stirred quite a noise with the announcement of its new and mandatory cyber security guidelines (announced on 28 April 2022) for all service providers, data centres, VPS providers, cloud service providers, VPN service providers, and government organisations.Failing to conform to the directives shall invite disciplinary action under sub-section (6) of section 70B of the Information Technology (IT) Act, 2000 and otherdisciplinary laws as applicable.
According to the new CERT-In guidelines, all service providers, data centres, intermediaries, body corporates and Government organizations are now mandated to enable the logs of all their Information and Communications Technology (ICT) systems and maintain the same in a secure manner for a period of 180 days i.e. 6 months approx.
Under the new CERT-In directive, all virtual private server providers, virtual private network service providers, data centres, and cloud service providers are required to register information such as validated names of users/subscribers, validated contact numbers and addresses, etc. for a period of 5 years or longer.
Further, the directive mandates all the virtual asset exchange providers, virtual asset service providers and custodian wallet providers to maintain all the information and records obtained as KYC or Know Your Customer of all financial transactions for a period of 5 years.
| Security Infrastructure | Server Infrastructure | Network Infrastructure | Infrastructure-as-a-Service (IaaS) |
|---|---|---|---|
| Endpoint Detection & Response (EDR) | Windows server | Switches (via Syslog server) | Microsoft Azure |
| Active Directory & Firewall | Web server | Routers (via Syslog server) | Amazon Web Services (AWS) |
| Network IDS / IPS | DNS server | Google Cloud Platform (GCP) | |
| Web Proxy | Linux server | ||
| Data Loss Prevention (DLP) solution | |||
| Authentication |
As per CERT-In new release, all service providers, data centres, intermediaries, body corporate and Government organisations need to mandatorily report cyber incidents as mentioned in Annexure I to CERT-In within 6 hours of noticing a breach or attack.
To meet CERT-In’s 180-day log retention requirement a comprehensive log management offering
Leverage industry-leading and advanced threat intelligence IBM platform and tools including IBM QRadar, IBM Watson AI, IBM X-Force, IBM MaaS360, IBM Verify Access, IBM Guardium and more utilized by 100+ customers
Flexible SLAs, deployment and engagement models
Competitive pricing to fit your budget and compliance needs
Faster TTV (time to value), comply in as soon as 2-3 weeks
Better interoperability and reduced TCO
To meet CERT-In’s incident monitoring and reporting requirement includes all-things CERT-In Essentials, plus the following
Powerful SIEM for real-time log management and security log monitoring
Deploy a powerful security framework to operate on integrated log data
Generate notifications and alerts for potential incidents
Leverage intelligent querying and dashboarding capabilities for investigations (IBM Watson AI)
Leverage integrated and smart ticketing capabilities for incident and log management
Monitor log-in attempts and report discrepancies in real-time
Consolidate logs on a centralized server
Deploy powerful security controls over logs with role-based access control & file integrity monitoring
Ensure prompt cyber incident response (powered by IBM QRadar and intelligence feeds from IBM X-Force)
Get maximum ROI on CERT-In security compliances includes all-things CERT-In Advanced, plus the following
Deploy Linux/ Windows server monitoring use cases
Deploy powerful network device monitoring use cases
Deploy Azure/Amazon/GCP monitoring use cases and more
Partner with a state-of-the-art and fully equipped C-SOC (SOC 2 Type 2 Compliant) that offers CERT-In compliant cyber security services to organisations across the country.
Make your business more successful with latest tips and updates for technologies
