CERT-In is the national nodal agency of India entrusted with the responsibility of responding to any untoward incidents that occur in the world of cybersecurity. In charge of reporting vulnerabilities in the computer world, it also promotes effective security practices in IT across India.
Mandated by the Government of India, CERT-In stands for Computer Emergency Readiness Team, India. It was created in 2004 by the Department of Electronics and Information Technology.
Functions of CERT-In
CERT-In operates with a vision ‘to build secure and resilient cyberspace for citizens, businesses and Government.’ Under the Information Technology Amendment Act 2008, CERT-In has the following functions:
•Collect, analyze and disseminate cyber incident information
• Have an emergency protocol in place in the event of cybersecurity breaches
• Coordinate all activities related to cybersecurity response
• Create forecasts and alerts on cybersecurity incidents
• Issue guidelines on prevention, reporting, and the response of cyber incidents
• Issue advisories and notes on vulnerabilities of the cyberworld
• Any other functions related to cybersecurity
Role of CERT-In
The organization plays a vital role in the following areas:
• Computer Security Incident Response - It plays a reactive role in this area wherein the organization responds to adverse incidents as and when they occur.
• Computer Security Incident Prevention - CERT-In plays a pivotal role in taking measures to prevent cybersecurity issues proactively.
• Security Quality Management Services - In addition, it also helps boost quality in security management.
Latest Updates by CERT-In
On a regular basis, CERT-In advises businesses and customers to safeguard their data. Some of the recent updates and advisories from CERT-In are as follows:
- In a recent incident, it urged OnePlus customers to change their passwords after a global system breach was detected
- CERT-In announced that till October 2019, around 3.13 lakh cybersecurity incidents were reported across India
- CERT-In had warned ISRO regarding a probable phishing attack during the Chandrayan - 2 mission
- When Whatsapp was attacked by Israeli spyware, CERT-In issued an advisory regarding the severity of the threat and protective measures
Key sectors vulnerable to cyber attacks in India
According to a report released by CERT-In, there are key targeted sectors in India that find themselves more vulnerable than others. They are:
|Government||16.5%||APT, Website intrusion|
|State Government and local bodies||10.5%||APT, Website intrusion, DoS|
|Banking||13.2%||Phishing, DDos, ATM fraud, PoS malware|
|e-Commerce||10%||Data breach, DDoS (NTP)|
|Transportation||7.5%||Cata breach, DDoS|
|Others||10.2%||Mobile malware, social networking, Email|
In the ever-changing virtual world, cyber threats loom in large numbers. If you run a business or a company in today’s world, you are most certainly exposed to a cyber attack sooner or later. So it’s important to stay on top off things. Data shows that many companies have zero budget for cybersecurity, but when a data breach does happen, it costs millions. The need to invest in security measures is increasing rapidly.
But apart from investing financially, you can also take other measures that will help keep hackers at bay. CERT-In can help you strengthen your company’s safety and security online.
How can your business benefit from CERT-In?
As a business, you can use CERT-In proactively as well as reactively. CERT-In has a lot to offer a company before and after an attack. Here are some of the benefits you can get from CERT-In
• They have a 24x7 incident response help desk. In case you face a cyber attack, a data breach or any kind of hack, you can report it immediately to CERT-In at any time of day!
• They constantly monitor security statuses and issue alerts or advisories. So it would be beneficial to follow them and be up to date on incidents, issues, threats, etc.
• They conduct cybersecurity drills at a regional, national and international level. You can learn how to handle hacks and attacks if they occur.
• CERT-In conducts audits on a select basis, so your organization could be audited for security randomly. This makes organizations ensure proper security protocol is in place.
• They also have security awareness programs periodically.
More importantly, you can get timely information on emerging and current vulnerabilities and threats in the cyber world. You can also get advice on how to protect your network and get alerts on viruses. All you have to do is subscribe to their mailing list by sending an e-mail with your details in PDF format to firstname.lastname@example.org.
CERT-In is very helpful in case your business faces a cyber threat, however, being aware of the organization even before an attack can help your business security tremendously. After all, prevention is better than cure!