CERT-In extends timeline for cyber security rules till September 25

BENGALURU: The Indian Computer Emergency Response Team (CERT-In) on Tuesday extended the timeline for the implementation of the new cyber security rules till September 25, 2022 to help Micro, Small and Medium Enterprises (MSMEs) make the transition smoothly.

Apart from MSMEs, Data Centres, Virtual Private Server (VPS) providers, Cloud Service providers and Virtual Private Network Service (VPN Service) providers are also provided with additional time till September 25, a release from Ministry of Electronics & IT (MeitY) said.

CERT-In is the national agency for performing various functions in the area of cyber security as per provisions of section 70B of the IT Act, 2000. It continuously analyses cyber threats and handles cyber incidents tracked and reported to it.

In April this year, CERT-In issued directions relating to information security practices to promote open, safe, trusted and accountable Internet in the country. According to the new directions, data centres, VPS and cloud service providers should register subscribers/customers names, period of hire including dates, email address and IP address and purpose of hiring services, among others, for a period of five years.

"MeitY and CERT-In are in receipt of requests for the extension of timelines for implementation of these Cyber Security Directions. Further, additional time has been sought for implementation of mechanism for validation of subscribers/customers by Data Centres, VPS providers, Cloud Service providers and VPN Services," MeitY said