• Home
  • Internet
  • Internet News
  • Global Tech Industry Body Seeks Revision in India's Directive on Reporting of Cybersecurity Breach

Global Tech Industry Body Seeks Revision in India's Directive on Reporting of Cybersecurity Breach

ITI asked for a wider stakeholder consultation with the industry before finalising on the directive.

Global Tech Industry Body Seeks Revision in India's Directive on Reporting of Cybersecurity Breach

CERT-In asked firms to report cybersecurity breaches within 6 hours

Highlights
  • The directive has the potential to improve India's cyber security posture
  • Certain provisions in the bill may negatively impact global enterprises
  • CERT-In wants firms to enable logs of all their ICT systems

US-based technology industry body ITI, having global tech firms such as Google, Facebook, IBM and Cisco as its members, has sought a revision in the Indian government's directive on reporting of cyber security breach incidents. ITI said that the provisions under the new mandate may adversely impact organisations and undermine cybersecurity in the country.

ITI country manager for India Kumar Deep, in a letter to CERT-In chief Sanjay Bahl dated May 5, asked for a wider stakeholder consultation with the industry before finalising on the directive.

"The directive has the potential to improve India's cybersecurity posture if appropriately developed and implemented, however, certain provisions in the bill, including counterproductive incident reporting requirements, may negatively impact Indian and global enterprises and undermine cybersecurity," Deep said.

Indian Computer Emergency Response Team (CERT-In) on April 28 issued a directive asking all government and private agencies, including internet service providers, social media platforms and data centres, to mandatorily report cybersecurity breach incidents to it within six hours of noticing them.

The new circular issued by the CERT-In mandates all service providers, intermediaries, data centres, corporates and government organisations to mandatorily enable logs of all their ICT (Information and Communication Technology) systems and maintain them securely for a rolling period of 180 days and the same shall be maintained within the Indian jurisdiction.

ITI has raised concerns over the mandatory reporting of breach incidents within six hours of noticing, to enable logs of all ICT systems and maintain them within Indian jurisdiction for 180 days, the overbroad definition of reportable incidents and the requirement that companies connect to the servers of Indian government entities.

Deep, in the letter, said that the organisations must be given 72 hours to report an incident in line with global best practices and not just six hours.

ITI said that the government's mandate to enable logs of all covered entities' information and communications technology systems, maintain logs "securely for a rolling period of 180 days" within India and make them available to the Indian government upon request is not a best practice.

"It would make such repositories of logged information a target for global threat actors, in addition to requiring significant resources (both human and technical) to implement," Deep said.

ITI also raised concern on the requirement that "all service providers, intermediaries, data centres, body corporate and government organisations shall connect to the NTP servers of Indian labs and other entities for synchronisation of all their ICT systems clocks".

The global body said that the provisions could negatively affect companies' security operations as well as the functionality of their systems, networks and applications.

ITI said that the government's current definition of reportable incident to include activities such as probing and scanning is far too broad given probes and scans are everyday occurrences.

"It would not be useful for companies or CERT-In to spend time gathering, transmitting, receiving and storing such a large volume of insignificant information that arguably will not be followed up on," Deep said.

ITI has asked the government to defer timeline for implementation of the new directive and launch a wider consultation with all stakeholders for its effective implementation.

ITI demanded CERT-In to "revise the directive to address the concerning provisions with regard to incident reporting obligations, including related to the reporting timeline, scope of covered incidents and logging data localisation requirements".


Xiaomi 12 Pro is littered with features, but is that enough? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Further reading: Cybersecurity, Google, IBM, Facebook, Cisco
Faulty Battery Cells, Modules Likely Caused E-Scooter Fires in India, Initial Probe Said to Find
Share on Facebook Tweet Snapchat Share Reddit Comment
 
 

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2022. All rights reserved.