Following the several representations fired at CERT In by industry organisations opposing the directive of CERT In dated 28th April 2022 which prescribed

  • Mandatory reporting of Data breach within 6 hours
  • Synchronisation of system clocks
  • Maintenance of logs for 180 days
  • Registration of users and maintenance of KYC records for 5 years
  • Designation of a Point of Contact

CERT In has today issued a FAQ explaining the different aspects of the regulation.

The copy of the FAQ is available here: