wordpress blog stats
Connect with us

Hi, what are you looking for?

Rajeev Chandrasekhar hints at strict laws for companies to disclose security breaches: Report

Cybersecurity incidents in India have been on the rise since 2020 but the government is yet to revamp its national strategy.

The Indian government’s proposed cybersecurity laws will seek to prevent corporations from concealing security and data breaches, Minister of State for Electronics and Information Technology Rajeev Chandrasekhar said at the launch of IBM’s security command centre in Bengaluru, Economic Times reported.

“You will soon hear in the next few days new regulations going out there that puts the onus on organisations to report cybersecurity crimes and not just push it under the carpet, because it is important that at any given point the government and its agencies have absolute clarity and clear situational awareness of the threat matrix that is around and is active in the cyberspace in India,” he was quoted as saying by ET.

Chandrasekhar revealed that nearly 100 million-odd cyber incidents have been reported by CERT-In (Computer Emergency Response Team) so far. India is reportedly the second-most attacked country as far as cybercrime is concerned, he added.

Chandrasekhar’s comments might be an indication that the government is likely to announce India’s National Cybersecurity Policy. It will be a significant step in addressing the menace of growing cyber incidents as India does not have a comprehensive cybersecurity law presently.

2021 on track to be the biggest year for cybersecurity incidents

A cybersecurity law might go a long way in helping establish standard operating procedures in case of cybersecurity incidents that have been on the rise since 2020. The pandemic forced widespread adoption of technology as people remained locked in their homes, but it also attracted criminals looking to dupe unsuspecting users.

A total of 12,13,784 cybersecurity incidents were reported to CERT-In up till October this year, Chandrasekhar had revealed in response to Rajya Sabha MP Shreyams Kumar’s question during the winter session of the Parliament last year.

Advertisement. Scroll to continue reading.

What is CERT-In? The Indian Computer Emergency Response Team is responsible for tracking and monitoring cybersecurity incidents in India.

The data on cybersecurity incidents for 2021 without the last two months is still higher than the total number of cases—11,58,208—in 2020. Government organisations were the target in 32,736 incidents up till October 2021, whereas the figure stood at 54,314 last year. The Ministry of Electronics and Information Technology (MeitY) did not reveal whether India’s critical infrastructure was targetted in these incidents.

The figures revealed by CERT-In is a good indicator of the overall cybersecurity situation of the country, and as it stands, the situation looks grim with 2021 on track to be the biggest year in terms of cybersecurity incidents reported in India. It is high time that the government wastes no time in coming out with laws to deal with this growing malaise.

Will India’s pending cybersecurity policy see the light of day?

The government was supposed to launch the policy in 2020 but the pandemic threw a spanner in the works. The Ministry of Defence then informed the lower house of the Parliament in August 2021 that the government was in the final stages of approving the National Cyber Security Strategy that has been in the pipeline since 2019.

The new policy will cover several aspects of cyberspace including:

  • Governance and data as a national resource
  • Building indigenous capabilities
  • Cyber audit
  • Drones
  • Decentralisation of cybersecurity responsibilities
  • Cyber insurance
  • Internet of Things
  • Ransomware

Currently, India adheres to the National Cyber Security Policy 2013 but the policy is considered to be outdated given the pace of change that has taken place in cyberspace over the last decade.

IBM’s Security Command Centre

The IBM Security Command Centre will be set up in Bengaluru, India to help companies improve cybersecurity response, training, and preparedness. The centre is the first IBM Security Command Centre in the Asia-Pacific region; it has two such centres in the US and Europe serving 11,000 customers, according to a blog post by the company.

Advertisement. Scroll to continue reading.

“It is a fully immersive, interactive, and experiential learning facility that will enable team training and exercises of cyberattack responses. The centre comes with simulations and experiences to help organisations build a more effective cyber incident response. It gives your team an opportunity to learn, practice and defend against cyberattacks in a safe and controlled environment,” the company said in a statement.

IBM India Managing Director Sandip Patel said that Asia has become the most targeted region for cyber attacks and it is the first time the Asia Pacific has featured at the top of the list, PTI reported.

“India, Australia and Japan emerged as most attacked geographies with ransomware as the dominant attack in India. We have a responsibility to respond and act now,” Patel was quoted as saying.

The company did not disclose the size of its investment in the facility which includes a Security Operation Centre (SOC) that will provide security response services to organisations. IBM’s global SOC network spans nine locations, including in Atlanta (United States), Australia, Costa Rica, Japan, Poland, and Saudi Arabia, ET said in its report.

Also read:

Have something to add? Post your comment and gift someone a MediaNama subscription.

Written By

I cover several beats such as crypto, telecom, and OTT at MediaNama. I will be loitering at my local theatre and consuming movies by the dozen when I am off work.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ