|
Indian Computer Emergency Response Team
(CERT-In) was established by the Department of
Information Technology, Govt. of India in January
2004 with a specific mandate to respond to computer
security incidents. With the passage of Information
Technology (Amendment) Act 2008, CERT-In has been
designated as Nodal agency for coordinating all
matters related to cyber security and emergency
response. It is now assigned with the task of
oversight of the Indian cyber space for enhancing
cyber protection, enabling security compliance and
assurance in Government and critical sectors and
facilitating early warning & response as well as
information sharing and cooperation.
Within few years of existence, CERT-In has been able
to establish itself as a trusted referral agency
with necessary capabilities to respond to cyber
security incidents. In the process, CERT-In has been
able to get into working relationships with all the
leading security organizations and vendors across
the world in the form of MoU, to achieve the
necessary force multiplier effect in responding to
cyber security incidents. In addition, specific
capabilities have been developed to engage itself in
effective cyber forensic as well as analysis of
malicious codes.
CERT-In has published a Crisis Management Plan for
Countering Cyber Attacks and Cyber Terrorism in the
country and is working towards its implementation
across Govt. and critical sectors in the country. In
order to support the organizations in the critical
sector and the Government in enhancing their ability
to resist cyber attacks and improving their security
posture, CERT-In has created a panel of IT security
auditors that can provide wide range of security
auditing services on commercial basis. With this
kind of institution building activities, CERT-In is
now able to provide its reactive and proactive
services on 24x7 basis and is effectively
collaborating the international agencies engaged in
similar work for real time information sharing and
problem resolution in the cyber space.
In order to effectively secure the Indian cyber
space, CERT-In is assisting the Department of
Information Technology to put in place a national
cyber security strategy and a national information
security governance policy. The elements of national
cyber security strategy are:
- Security legal framework and law-enforcement
- Security early warning and response
- Security compliance and assurance
- Security education awareness and training
- Security technology R&D
- Security information sharing and cooperation
In pursuit of the cyber security strategy, CERT-In
has been working towards Preventing cyber attacks
against country’s critical information
infrastructure; Reducing national vulnerability of
cyber attacks and Minimizing damage and recovery
time from cyber attacks.
Specific challenges in securing the cyber space are:
- Reaching out to the user community in
creating necessary awareness on the need for
cyber security and also on the need for them
to play their roles in a responsible manner
- Sharing of information with CERT-In with
regard to the occurrence of cyber security
incidents to enable better preparation and
prevention.
- Overcoming the technical and legal
barriers to move beyond our country’s
borders to reach the sources of trouble -
Most serious cyber crimes such as economic
fraud, cyber terrorism and cyber war fare
are invariably perpetrated from sources
located outside the country using networks
of compromised computers located both inside
and outside the country. Since the sources
of trouble are outside the country,
invariably there would be technical and
legal challenges to deal with and actually
getting to the root of the problem. For this
purpose, increased international cooperation
is the need of the hour and CERT-In has been
able establish good working relationships
with international organizations such as AP
CERT & Forum of Incident response (FIRST,
US) and overseas CERTs.
For ensuring safety and security of cyber
space, it is not only necessary to have an
effective incident response mechanism such
as the one already established by CERT-In,
but also develop suitable ability and
mechanism to harness real time information
on the cyber security incidents even before
they occur. In view of this, future roadmap
of CERT-In includes real time incidents
information collection, analysis and
dissemination for effective security
incidents prevention and protection. With
this, it would be possible for CERT-In to
provide tailored security advisories to the
users community in the country enabling them
to take timely and effective preventive
actions. (PIB Features)
*Input from the Department of Information
Technology
RTS/VN
SS-10/SF-10/15.01.2010 |
