The Indian Computer Emergency Response Team (CERT-In) is designated as the national nodal agency under Section 70B of Information Technology Act 2000 for responding to cyber security incidents. To achieve this mandate, CERT-In is regularly interacting and working with various stakeholders such as Government Departments, Public Sector Units, Sectoral/State CSIRTs, Information Sharing & Analysis Centres (ISACs), Security product vendors including antivirus Companies, Internet Service Providers (ISPs), Law Enforcement Agencies (LEAs), Academia, Social Media, International CERTs and Global & Regional multilateral cyber security forums.
CERT-In performs the following functions in the area of cyber security as mandated by the Information Technology Act 2000 under provisions of Section 70B and rules thereof:
- Collection, analysis and dissemination of information on cyber incidents.
- Forecast and alerts of cyber security incidents.
- Emergency measures for handling cyber security incidents.
- Coordination of cyber incidents response activities.
- Issue guidelines, advisories, vulnerability notes and whitepapers relating to information security practices, procedures, prevention, response and reporting of cyber incidents.
- Such other functions relating to cyber security as may be prescribed.
Role of CERT-In:
Incident Response (Reactive Service)
- Operating Incident Response Helpdesk on 24X7 basis
- Evidence collection & incident investigation
Incident Prevention and Security Awareness (Proactive Service)
- Tracking of Security Threats and Cyber attacks
- Issuance of Security Alerts and Advisories
- Conducting Security Workshops and Security Awareness Programs
Security Quality Management Services
- Promotion of Security Best Practices and Security Standards
- Empanelment of Security Auditors
- Conducting Cyber Security Exercises/Drills
- Implementation of Cyber Crisis Management Plan (CCMP)
Security Assurance framework and Audit Services
- Empanelment of Security Auditors to carry out information security audit, including the vulnerability assessment and penetration test of the networked infrastructure of government and critical sector organizations.
- Episodic security audits of key organizations for enhancing their security posture.
Cyber Forensics
Early Warning System
Entities working in the area of cyber security with primary goals to achieve secure cyber eco system are encouraged to collaboratewith CERT-In to bring synergy in these efforts.
Collaboration between CERT-In and Industry will facilitate exchange of information in a timely manner for preventing cyber attacks as well as providing support in incident response activity to enhance the cyber security posture of the country. Such collaboration can be facilitate through Memorandum of Cooperation agreements.
Entities interested in collaboration may contact CERT-In via email to collaboration@cert-in.org.in Tel: +11-24368552 Ext: 223.
|
|
|