Cyber Laws

CERT-In issues “Guidelines on Information Security Practices” for Government Entities for Safe and Trusted Internet

30.06.2023

To address the goal of safe cyberspace, the Indian Computer Emergency Response Team (CERT-In) has released guidelines on information security practices. These guidelines, issued under the powers conferred by clause (e) of sub-section (4) of section 70B of the Information Technology Act, 2000, apply to all Ministries, Departments, Secretariats, and Offices specified in the First Schedule to the Government of India (Allocation of Business) Rules, 1961, along with their attached and subordinate offices. They also include all government institutions, public sector enterprises, and other government agencies under their administrative purview.

The Government of India has formulated policies aimed at ensuring safe and trusted and secure cyber space for its users in view of significance of a secure and trustworthy digital environment. It remains fully aware of the growing cyber threats and attacks present in today’s digital world. These guidelines are a roadmap for the Government entities and industry to reduce cyber risk, protect citizen data and continue to improve the cyber security ecosystem in the country. They will serve as a fundamental document for audit teams, including internal, external, and third-party auditors, to assess an organisation’s security posture against the specified cyber security requirements.

The guidelines include various security domains such as network security, identity and access management, application security, data security, third-party outsourcing, hardening procedures, security monitoring, incident management, and security auditing.India’s digital landscape has witnessed tremendous growth, with over 80 crore Indians (Digital Nagriks) actively utilizing the Internet and cyberspace, making it one of the largest connected nations in the world. Citizens are increasingly relying on the Internet to cater to their daily requirements, including aspects such as business, education, finance, and availing digital government services.

Tags : Security Practices Internet Guidelines

Share :