• Search for:
14Nov, 2024
Concern over incident reporting timeline

In May, 11 industry bodies wrote a joint letter to the Director General of CERT-In, expressing their concern over the detrimental impact of this directive on cybersecurity, and the difficulty it posed for companies trying to do business in India. The companies have specifically flagged the six-hour incident reporting timeline and an overbroad definition of reportable incidents, as problematic.

 

7Jul, 2022
Exit of VPNs just the beginning: CERT-In’s cybersecurity rules will affect many players

Last week, leading Virtual Private Network providers, Surfshark, NordVPN and ExpressVPN, withdrew their servers from India. The VPNs have alleged that cybersecurity directives issued on 28 April 2022 by the Indian Computer Emergency Response Team would render their privacy-oriented business model meaningless, as they require them to log details of all the persons who access their servers. These directives will come into effect on 28 June 2022. However, CERT-In’s directive has met with severe backlash from various other technological companies, since they feel that this is just the beginning, and the fallout will not be limited to the exit of VPNs.