Global Trade Bodies Express Concern Over ‘Onerous’ Directives Of CERT-In

Global Trade Bodies Express Concern Over ‘Onerous’ Directives Of CERT-In

SUMMARY

Global business associations write to CERT-In DG, seek delay in the effective date of the new directives issued by the agency

The trade bodies have urged the government to engage in dialogue with relevant stakeholders before formulating its policies

The recent directives issued by the CERT-In may make it more difficult for companies to do business in India: Trade associations

A host of global business associations have expressed concerns over the ’onerous’ directives issued by the Indian Computer Emergency Response Team (CERT-In) recently. 

In a letter to Sanjay Bahl, the director general of CERT-In, which was seen by The Economic Times, the business associations stated that the recent directives issued by CERT-In could have a ‘detrimental impact on cybersecurity’ for organisations that operate in India. It further added that these requirements may also make it more difficult for companies to do business in India.

The letter was signed by organisations such as the US Chamber of Commerce, the US-India Business Council, the US-India Strategic Partnership Forum, techUK, among others.

”This will create a disjointed approach to cybersecurity across jurisdictions, which in turn will undermine the security posture of India and its allies in the QUAD nations, Europe and beyond,” it added.

The matter at the centre of debate is the mandatory requirement of reporting cybersecurity incidents within a 6-hour timeline. Other areas of concern highlighted by the trade bodies include the mandate to furnish sensitive logs to the watchdog in the event of a cyberattack and the requirement for virtual private network (VPN) providers to retain subscriber information for at least 5 years after the cancellation of service by users.

“If left unaddressed, these provisions will have a significant adverse impact on organisations that operate in India with no commensurate benefit to cybersecurity”, the letter added. 

The trade bodies also urged the government to reconsider the cyber incident reporting time and increase it to 72 hours from the current 6 hours. The associations also raised concerns regarding maintenance of ‘voluminous’ data, citing increased costs to the company.

“The technical requirements put forward in the directive will make cybersecurity worse, not better. The sheer volume of information required, wasted resources and fragmented approach will damage the global cybersecurity ecosystem and make us all less safe”, said one of the signees. 

The associations that signed the letter belonged to a host of sectors and from a slew of countries such as the US, the UK and the EU. The bodies urged the government to engage in dialogue with relevant stakeholders before formulating its policies. 

“We look forward to engaging with you further regarding these concerns and respectfully encourage you to delay the effective date of the directive and the associated implementation requirements for the underlying provisions until further consultations with stakeholders have taken place,” they said. 

The latest directives of CERT-In have received criticism from many quarters. Many have pointed out that journalists and whistleblowers use VPNs, and furnishing activity logs could endanger their lives. Another set of new regulations that mandate reporting of cyber attacks within six hours has also been in the line of fire from industry experts. This new direction will come into effect from June 27. 

Step up your startup journey with BHASKAR! From resources to networking, BHASKAR connects Indian innovators with everything they need to succeed. Join today to access a platform built for innovation, growth, and community.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Global Trade Bodies Express Concern Over ‘Onerous’ Directives Of  CERT-In-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Global Trade Bodies Express Concern Over ‘Onerous’ Directives Of  CERT-In-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Global Trade Bodies Express Concern Over ‘Onerous’ Directives Of  CERT-In-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Global Trade Bodies Express Concern Over ‘Onerous’ Directives Of  CERT-In-Inc42 Media
Global Trade Bodies Express Concern Over ‘Onerous’ Directives Of  CERT-In-Inc42 Media
You’re in Good company