The Indian Computer Emergency Response Team (CERT-In) has ordered that all cybersecurity incidents such as targeted scanning or probing of critical networks and systems, compromise of critical systems and information, unauthorized access to data and systems and others must be reported to the affected companies within six hours after becoming aware of the incident or becoming aware of it themselves.
CERT-In’s new guidelines for companies operating in India state that service providers, intermediaries, data centers, corporations and government organizations must report such incidents within six hours.
It has also ordered that virtual asset service providers, virtual asset exchange providers and custodian bank service providers store all information they have collected as part of the know-your-customer (KYC) process and records of financial transactions for a must be retained for a period of five years.
“Regarding transaction records, accurate information needs to be kept in a way that enables individual transactions to be reconstructed along with the relevant elements, including but not limited to information identifying the relevant parties, including IP addresses along with timestamps and time zones, transaction ID , the public keys (or equivalent identifiers), addresses or accounts involved (or equivalent identifiers), the type and date of the transaction, and the amount transferred,” CERT-In said.
Likewise, data centers, virtual private server providers, cloud service providers and VPN providers must provide details such as the validated name of the customer, the period of service, the IP addresses allocated and used, the purpose for which the service was used , address and contact save number as well as ownership pattern.
