Critical Information Infrastructure, as defined by the IT Act, refers to computer resources whose compromise could severely impact national security. The National Critical Information Infrastructure Protection Centre (NCIIPC) is designated as the national agency under Section 70A to safeguard such infrastructure. Disclosing details of cybersecurity breaches in critical sectors is considered a security risk.

Several initiatives have been implemented to enhance cybersecurity preparedness. The National Cyber Security Coordinator (NCSC) under the National Security Council Secretariat (NSCS) ensures coordination among agencies. The National Cyber Coordination Centre (NCCC), managed by CERT-In, scans cyberspace for threats and facilitates data sharing among agencies to mitigate risks. The Cyber Swachhta Kendra (CSK), a CERT-In initiative, provides tools to detect and remove malware while offering cybersecurity guidelines. Additionally, the Indian Cybercrime Coordination Centre (I4C), under the Ministry of Home Affairs, addresses cybercrimes effectively.

CERT-In operates a cyber threat intelligence exchange platform to analyze and share threat alerts. It has developed a Cyber Crisis Management Plan for ministries, state governments, and critical sectors. Regular cybersecurity mock drills assess preparedness, with 109 drills conducted involving 1,438 organizations. The agency also issues alerts on emerging threats and has empaneled 200 security auditors to oversee security practices.

Guidelines on information security and secure application development have been introduced. CERT-In also provides training programs, having trained 12,014 officials in 2024. Cybersecurity awareness initiatives, including online resources, are disseminated through multiple portals.

Collaboration with private sector entities and international agencies has strengthened cybersecurity measures. The Cyber Surakshit Bharat program educates Chief Information Security Officers (CISOs), while the National Centre of Excellence (NCoE) in Cyber Security fosters technology development. CERT-In works with industry partners and international cybersecurity organizations, maintaining cooperation agreements with countries including Bangladesh, Japan, the UK, and Russia to enhance global cybersecurity efforts.

News source: PIB