CERT-In extends MSMEs’ cybersecurity compliance deadline to September 25
The Indian Computer Emergency Response Team (CERT-In) has announced the extension of the deadline for Micro, small, and medium-sized enterprises (MSMEs) to follow the cybersecurity directives issued by the agency to September 25.
The agency also issued directives to data centres, virtual private servers (VPS), cloud services, and VPN providers, instructing them that some aspects of the directives will take effect on September 25.
In a press release issued today, the agency acknowledged receiving several requests from MSMEs for an extension of the timelines for the agency's April 28th-issued Cyber Security Directions. Additionally, Data Centers, Virtual Private Server (VPS) providers, Cloud Service providers, and Virtual Private Network Service (VPN Service) providers have also requested more time to establish a method for validating subscribers/customers.
According to the instructions given on April 28 by CERT-In, service providers are required to keep records of every information and communication technology (ICT) system for a period of 180 days. Additionally, they must keep track of subscribers' personal information for at least five years, and make this information available to CERT-In upon request in the event of a cybersecurity problem.
CERT-In functions as the national agency for carrying out different tasks in the nation's cyber security sector. The agency manages monitored and reported cyber incidents, besides regularly analysing cyber risks.
Also read: Govt working towards easier access to credit for MSMEs: Official
Also read: A fourth of Indian MSMEs lost market share to big corporations during COVID: Crisil
Gloss