Loading...
Skip to main content

Like many websites, BSA’s websites use cookies to ensure the efficient functioning of those websites and give our users the best possible experience. You can learn more about how we use cookies, and how you can change your browser's cookie settings, in our cookies statement. By continuing to use this site without changing your cookie settings, you consent to our use of cookies.

X

JUN 06, 2022 | ASIA PACIFIC | INDIA

BSA Statement on the Submission to Ministry of Electronics and Information Technology on CERT-In’s Notification on Information Security Practices

NEW DELHI – June 6, 2022 – BSA | The Software Alliance submitted its concerns to the Ministry of Electronics and Information Technology (MeitY) on Computer Emergency Response Team’s (CERT-In) “Directions … relating to information security practices, procedure, prevention, response and reporting of cyber incidents for Safe & Trusted Internet” (Directions).

The Directions aims to augment and strengthen cybersecurity in India. BSA supports this aim of CERT-In and the need to build an effective cyber incident reporting regime. While we appreciate MeitY’s efforts to clarify the Directions through Frequently Asked Questions (FAQs), a few provisions are incompatible with risk-based, technology neutral, and flexible approaches to ensure robust cyber security mechanisms.

“We are concerned about the broad scope of notifiable cyber incidents, the lack of a risk-based threshold, and the short timeline for reporting in the Directions. These provisions will undermine incident investigation and response, including the deployment of defensive measures”, said Venkatesh Krishnamoorthy, Country Manager – India, BSA | The Software Alliance. “We urge the CERT-In to adopt an impact-based and risk-based approach to incident reporting. We recommend that the Directions ask to provide an initial report of high-impact or severe cyber incidents as soon as practicable or within 72 hours of the confirmation of an incident, whichever is faster. We also seek greater flexibility on log-keeping requirements and more time to implement user validation requirements. BSA looks forward to working with MeitY and CERT-In to contribute to an effective approach towards a secure digital economy for India.”

ABOUT BSA

BSA | The Software Alliance (www.bsa.org) is the leading advocate for the global software industry before governments and in the international marketplace. Its members are among the world’s most innovative companies, creating software solutions that help businesses of all sizes in every part of the economy to modernize and grow.

With headquarters in Washington, DC, and operations in more than 30 countries, BSA pioneers compliance programs that promote legal software use and advocates for public policies that foster technology innovation and drive growth in the digital economy.

MEDIA CONTACTS

Riley McBride Smith

Telephone: 202-591-1125
Email: Riley@allisonpr.com

For Media Inquiries

Email: media@bsa.org

MEDIA CONTACTS

Media Inquiries

Email: media@bsa.org

MEDIA CONTACTS

Christine Lynch

CONTACTO DE PRENSA

Media Inquiries

Email: media@bsa.org