Reporting cyber incidents in 6 hrs mandatory
The Indian Computer Emergency Response Team (CERT-In) has mandated that all cybersecurity incidents such as targeted scanning or probing of critical networks and systems, compromise of critical systems and information, unauthorised access of data and systems among others must be informed to it by the respective companies within six hours of either being made aware of the incident or becoming aware itself.
The new guidelines issued by CERT-In to companies operating in India say that service providers, intermediaries, data centres, companies and government organisations must mandatorily report such incidents within six hours.
“With respect to transaction records, accurate information shall be maintained in such a way that individual transaction can be reconstructed along with the relevant elements comprising of, but not limited to, information relating to the identification of the relevant parties including IP addresses along with timestamps and time zones, transaction ID, the public keys (or equivalent identifiers), addresses or accounts involved (or equivalent identifiers), the nature and date of the transaction, and the amount transferred,” CERT-In said.
Similarly, data centres, virtual private server providers, cloud service providers, and VPN providers shall be required to keep details like customer’s validated name, period of the service, IP addresses allotted and used, purpose for which the service was sought, address and contact number as well as ownership pattern.