ICT Cyber Policies

ICT sector cyber policies focus on creating a secure, resilient digital ecosystem through public-private partnerships, strengthening critical information infrastructure (CII), and implementing robust, mandated security audits. Key frameworks, such as India's National Cyber Security Policy-2013 and CERT-In guidelines, mandate incident response, auditing, and threat detection mechanisms. 

Core Components of ICT Cyber Policies

• National Cyber Security Policy (NCSP)-2013: Focuses on creating a resilient cyberspace, mitigating vulnerabilities, and building a trusted digital infrastructure.

• Protection of Critical Information Infrastructure (CII): NCIIPC operates 24/7 to protect vital sectors like banking, telecom, energy, and defense.

• CERT-In Mandates (2022-2025): Requires mandatory reporting of cyber incidents within 6 hours, mandates periodic security audits, and issues guidelines for IoT and cloud computing, including the use of empanelled auditors.

• Regulatory Framework: Based on the IT Act 2000 (and 2008 Amendment), strengthening compliance for sensitive personal data protection and cybersecurity practices.

• Capacity Building: Focuses on training cybersecurity professionals, raising user awareness, and enhancing R&D in security technologies.

Key National Security Infrastructure:

• National Critical Information Infrastructure Protection Centre (NCIIPC): Dedicated to protecting critical infrastructure.

• National Cyber Coordination Centre (NCCC): Scans internet traffic for malicious threats and facilitates inter-agency coordination.

• Cyber Swachhta Kendra (CSK): A Botnet Cleaning and Malware Analysis Centre to assist users in removing malicious software. 

Mandatory Compliance Measures (CERT-In):

• 6-Hour Reporting: Mandatory reporting of specified cyber incidents to CERT-In within 6 hours.

• Log Retention: ICT entities must maintain logs of their systems within India for 180 days.

• Audits: Mandatory annual cyber security audits for organizations managing critical infrastructure.