Cybersecurity Incidents on rise: 1592917 Cases in 2023 vs. 1391457 in 2022, Minister reveals to MP Arora in Rajya Sabha
The Government is committed to ensure that the Internet in India is Open, Safe, Trusted and Accountable for its users. The Indian Computer Emergency Response Team (CERT-In) is designated as the national agency for responding to cyber security incidents under the provisions of section 70B of the Information Technology Act, 2000. As per the information reported to and tracked by Indian Computer Emergency Response Team (CERT-In), total number of 1402809, 1391457 and 1592917 cyber security incidents are observed during the year 2021, 2022 and 2023, respectively.
Ludhiana, December 10, 2024: The Government is committed to ensure that the Internet in India is Open, Safe, Trusted and Accountable for its users. The Indian Computer Emergency Response Team (CERT-In) is designated as the national agency for responding to cyber security incidents under the provisions of section 70B of the Information Technology Act, 2000. As per the information reported to and tracked by Indian Computer Emergency Response Team (CERT-In), total number of 1402809, 1391457 and 1592917 cyber security incidents are observed during the year 2021, 2022 and 2023, respectively.
This was answered by Union Minister of state for Electronics and Information Technology Jitin Prasada in response to questions on plans to enhance cyber resilience asked by MP (Rajya Sabha) from Ludhiana Sanjeev Arora in the ongoing winter session of Rajya Sabha.
In a statement issued here today, Arora said the Ministered answered that the government is fully cognizant and aware of enhancing cyber resilience at the national level, especially as digital threats continue to evolve globally. To strengthen the nation's cybersecurity posture and ensure the protection of critical infrastructure, businesses and citizens, the government has taken several key initiatives.
The government has given directions to all Central Ministries/Departments and States/UTs to appoint Chief Information Security Officers (CISOs) to deal with cyber security matters.
Also, the Government has established the National Critical Information Infrastructure Protection Centre (NCIIPC) for protection of critical information infrastructure in the country under the provisions of section 70A of the Information Technology (IT) Act, 2000. National Informatics Centre (NIC) provides IT support to ministries, departments and agencies of the Central Government, State Governments and district administrators for various e-governance solutions and follows information security policies and practices in line with industry standards and practices, aimed at preventing cyber-attacks and safeguarding data.
CERT-In has formulated a Cyber Crisis Management Plan for countering cyber-attacks and cyber terrorism for implementation by all Ministries/ Departments of Central Government, State Governments and their organizations and critical sectors. It issued guidelines on information security practices for government entities in June 2023 covering domains such as data security, network security, identity and access management, application security, third-party outsourcing, hardening procedures, security monitoring, incident management and security auditing.
CERT-In issued Guidelines for Secure Application Design, Development, and Implementation & Operations in September 2023. CERT-In has also released the Software Bill of Materials (SBOM) guidelines for entities, particularly those in the public sector, government, essential services, organizations involved in software export and software services industry in October 2024 to help organizations know exactly what components are in their software or assets, making it easier to identify and fix vulnerabilities.
The key initiatives also include that CERT-In issues alerts and advisories regarding latest cyber threats/vulnerabilities and countermeasures to protect computers, mobile phones, networks, and data on an ongoing basis. CERT-In operates an automated cyber threat intelligence exchange platform for proactively collecting, analysing, and sharing tailored alerts with organisations across sectors for initiative-taking threat mitigation actions by them. It has empanelled 155 security auditing organisations to support and audit implementation of Information Security Best Practices.