CERT-In — India’s Cybersecurity Guardian

What is CERT-In?

CERT-In (Indian Computer Emergency Response Team) is the national cybersecurity agency under the Ministry of Electronics and Information Technology (MeitY). It coordinates responses to cybersecurity incidents, issues advisories, and protects India’s digital infrastructure.

Functions

Incident Response

  • Cyber Incident Reporting: For attacks on Indian entities
  • Rapid Response: Contain and mitigate threats
  • Forensic Analysis: Investigate attacks
  • International Coordination: With global CERTs

Advisory & Guidelines

  • Vulnerability Disclosures: Security alerts
  • Best Practices: For organizations
  • Compliance Requirements: Mandatory reporting

Powers (Updated 2022 Directions)

Directives

  • 6-Hour Reporting: Incidents must be reported within 6 hours
  • Log Retention: 180-day mandatory log storage
  • KYC Sync: Customer details synchronization
  • VPN Provider Data: 5-year retention

Enforcement

  • Penalty: Up to ₹1 crore for non-compliance
  • Imprisonment: Up to 3 years for certain offenses
  • IP Blocking: Can order blocking of malicious sites

Incident Categories

Reportable Incidents

  1. Malicious Code: Viruses, ransomware, trojans
  2. Unauthorized Access: Hacking attempts
  3. Data Breach: Leaks of sensitive information
  4. DDoS Attacks: Service disruptions
  5. Phishing: Fraudulent emails/websites
  6. Identity Theft: Impersonation

What to Report

  • Government systems compromised
  • Financial sector attacks
  • Healthcare data breaches
  • Telecom network incidents
  • Critical infrastructure attacks

Reporting Process

How to Report

  1. Portal: https://www.cert-in.org.in
  2. Email: incidents@cert-in.org.in
  3. Phone: +91-1800-11-4649 (Toll-free)
  4. Format: Incident report template available

Information Required

  • Incident description
  • Date/time of detection
  • Systems affected
  • Impact assessment
  • Preliminary mitigation taken

Services

For Organizations

  • Vulnerability Assessment: Scanning services
  • Penetration Testing: Security testing
  • Incident Response: 24/7 support
  • Forensic Services: Evidence preservation

For Citizens

  • Advisories: Public alerts
  • Malware Removal: Tools and guides
  • Awareness: Cybersecurity tips

Recent Initiatives

Cyber Swachhta Kendra

  • Botnet Cleaning: Free malware removal
  • DNS Sanitization: Clean internet access
  • Mobile Security: Android/iOS tools

Cyber Surakshit Bharat

  • Awareness Programs: For enterprises
  • CISO Training: Security officer certification
  • Best Practices: Guidelines

Statistics (2024)

  • Incidents Handled: 14+ lakh
  • Breaches Reported: 200% increase
  • Critical Infrastructure: 500+ protected
  • Advisories Issued: 500+

Compliance for Organizations

Mandatory Requirements

  • Incident Reporting: 6 hours
  • Log Retention: 180 days
  • Synchronization: Customer data KYC
  • Designated Officer: CISO appointment

Sectors Affected

  • Finance: Banks, NBFCs, insurance
  • Healthcare: Hospitals, diagnostic labs
  • Telecom: ISPs, operators
  • Government: All ministries

How Citizens Can Help

Personal Security

  • Update Software: Patch vulnerabilities
  • Strong Passwords: Unique, complex
  • Two-Factor Auth: Enable where possible
  • Phishing Awareness: Don’t click suspicious links

Reporting Cybercrime


This 101 guide is part of DPIWatch’s citizen education initiative. Last updated: March 2026.