The government is committed to ensure that Internet in India is open, safe, trusted and accountable for its users. The Indian Computer Emergency Response Team (CERT-In) is designated as the national agency for responding to cyber security incidents under the provisions of Section 70B of the Information Technology Act, 2000.
As per the information reported to and tracked by the CERT-In, a total of 1,40,2809, 1,39,1457 and 1,59,2917 cybersecurity incidents were observed during the year 2021, 2022 and 2023, respectively.
This was stated by Union Minister of State for Electronics and Information Technology Jitin Prasada in response to questions on plans to enhance cyber resilience asked by Ludhiana Rajya Sabha MP Sanjeev Arora during the ongoing winter session of the Upper House.
In a statement issued here today, Arora stated that the Union Minister said, “The government is fully cognizant and aware of enhancing cyber resilience at the national level, especially as digital threats continue to evolve globally. To strengthen the nation’s cybersecurity posture and ensure protection of the critical infrastructure, businesses and citizens, the government has taken several key initiatives.”
The minister said, “The government has given directions to all Central Ministries/Departments and states/UTs to appoint Chief Information Security Officers (CISOs) to deal with cybersecurity matters.”
“Also, the government has established the National Critical Information Infrastructure Protection Centre (NCIIPC) for the protection of critical information infrastructure in the country under the provisions of Section 70A of the Information Technology (IT) Act, 2000,” the minister said.
“The National Informatics Centre (NIC) provides IT support to ministries, departments and agencies of the Central and state governments and district administrators for various e-governance solutions and follows information security policies and practices in line with industry standards, aimed at preventing cyber-attacks and safeguarding data,” the minister said.
“CERT-In has formulated a Cyber Crisis Management Plan for countering cyber-attacks and cyber terrorism for implementation by all ministries and departments of the Central and state governments. It issued guidelines on information security practices for government entities in June 2023 covering several domains,” the minister added.
“CERT-In issued guidelines for secure application design, development and implementation and operations in September 2023. CERT-In also released the Software Bill of Materials (SBOM) guidelines for entities, particularly those in the public sector, government, essential services, organisations involved in software export and software services industry in October 2024 to help know exactly what components are in their software or assets, making it easier to identify and fix vulnerabilities,” the minister said.
“The key initiatives also include that CERT-In issues alerts and advisories regarding latest cyber threats/vulnerabilities and countermeasures to protect computers, mobile phones, networks, and data,” the minister said. “CERT-In has empanelled 155 security auditing organisations to support and audit implementation of information security best practices,” the minister added.