Compliance support aligned to CERT-In incident reporting and log retention mandates. Ensure your organization meets the stringent 6-hour reporting timelines and national cybersecurity guidelines.
The Indian Computer Emergency Response Team (CERT-In) issued new directions in 2022 under Section 70B of the IT Act, 2000. These directives mandate stringent cybersecurity guidelines for service providers, intermediaries, body corporates, and government organizations, including the mandatory reporting of severe cyber incidents within 6 hours and maintaining secure IT logs for a rolling period of 180 days.
Our compliance support services help your organization align with these critical national mandates. We validate your log management architecture, assess your forensic readiness, and establish a robust, legally defensible incident documentation framework to ensure full regulatory compliance and prevent legal penalties.
Coverage Areas:
We systematically evaluate your organization's current IT and security posture against the specific directives outlined in the CERT-In 2022 mandate.
This discovery phase identifies critical areas of vulnerability, specifically focusing on your current capability to detect, analyze, and report cyber incidents within the legally required timeframes.
CERT-In mandates the secure retention of ICT system logs for a rolling period of 180 days. We validate your log storage architecture to ensure logs are collected, securely stored within Indian jurisdiction, and readily available.
Additionally, we assess your systems' Network Time Protocol (NTP) synchronization to ensure all clocks are synced with the servers of the National Informatics Centre (NIC) or National Physical Laboratory (NPL).
The core of the 2022 directives is the requirement to report specific severe cyber incidents to CERT-In within 6 hours. We help design and implement the workflows needed to meet this strict SLA.
This includes streamlining internal communication, automating alert escalations, and establishing clear protocols for the Point of Contact (PoC) responsible for liaising with CERT-In.
In the event of an incident, logs must be preserved as evidence. We provide forensic readiness advisory to ensure your logs are tamper-proof and cryptographically secure.
We establish procedures for evidence preservation and chain of custody, ensuring that your data can be used effectively for internal investigations, regulatory reviews, or law enforcement inquiries.
We help update your organizational IT policies and Incident Response (IR) plans to explicitly reflect the CERT-In mandates. This ensures compliance is baked into your everyday governance.
We develop a comprehensive incident documentation framework, providing standardized templates for reporting incidents accurately and thoroughly as required by national authorities.
The critical requirements enforced by the 2022 directions that organizations must fulfill.
Organizations must report specified cyber incidents (like data breaches, ransomware, or critical system compromise) to CERT-In within 6 hours of noticing them. We design the internal automation, escalation matrices, and communication channels necessary to meet this aggressive deadline without fail.
The directive mandates maintaining secure, rolling logs of all ICT systems for 180 days within Indian jurisdiction. We validate your log storage architecture and ensure your system clocks are strictly synchronized with the Network Time Protocol (NTP) servers of NIC or NPL for accurate time-stamping.
To assist in post-incident analysis and regulatory scrutiny, organizations must be forensically ready. We advise on establishing tamper-proof log storage, secure evidence preservation, and a structured documentation framework that ensures all actions taken during an incident are legally defensible and compliant.
Avoid punitive actions, legal liabilities, and penalties under Section 70B of the IT Act by fully adhering to the mandated guidelines.
Contribute to India's national cybersecurity posture by ensuring your infrastructure can rapidly report and share vital threat intelligence.
Streamline your internal Incident Response (IR) processes, enabling your security teams to react to severe threats within hours, not days.
Maintain secure, irrefutable logs and evidence trails, ensuring you are fully prepared for post-incident investigations or regulatory audits.