Indian Computer Emergency Response Team (CERT-In) was established by the Department of Information Technology, Govt. of India in January 2004 with a specific mandate to respond to computer security incidents. With the passage of Information Technology (Amendment) Act 2008, CERT-In has been designated as Nodal agency for coordinating all matters related to cyber security and emergency response. It is now assigned with the task of oversight of the Indian cyber space for enhancing cyber protection, enabling security compliance and assurance in Government and critical sectors and facilitating early warning & response as well as information sharing and cooperation.
Within few years of existence, CERT-In has been able to establish itself as a trusted referral agency with necessary capabilities to respond to cyber security incidents. In the process, CERT-In has been able to get into working relationships with all the leading security organizations and vendors across the world in the form of MoU, to achieve the necessary force multiplier effect in responding to cyber security incidents. In addition, specific capabilities have been developed to engage itself in effective cyber forensic as well as analysis of malicious codes.
CERT-In has published a Crisis Management Plan for Countering Cyber Attacks and Cyber Terrorism in the country and is working towards its implementation across Govt. and critical sectors in the country. In order to support the organizations in the critical sector and the Government in enhancing their ability to resist cyber attacks and improving their security posture, CERT-In has created a panel of IT security auditors that can provide wide range of security auditing services on commercial basis. With this kind of institution building activities, CERT-In is now able to provide its reactive and proactive services on 24×7 basis and is effectively collaborating the international agencies engaged in similar work for real time information sharing and problem resolution in the cyber space.
In order to effectively secure the Indian cyber space, CERT-In is assisting the Department of Information Technology to put in place a national cyber security strategy and a national information security governance policy.
In pursuit of the cyber security strategy, CERT-In has been working towardsPreventing cyber attacks against country’s critical information infrastructure; Reducing national vulnerability of cyber attacks and Minimizing damage and recovery time from cyber attacks.
For ensuring safety and security of cyber space, it is not only necessary to have an effective incident response mechanism such as the one already established by CERT-In, but also develop suitable ability and mechanism to harness real time information on the cyber security incidents even before they occur. In view of this, future roadmap of CERT-In includes real time incidents information collection, analysis and dissemination for effective security incidents prevention and protection. With this, it would be possible for CERT-In to provide tailored security advisories to the users community in the country enabling them to take timely and effective preventive actions.