In India, it is legally mandatory for which of the following to report on cyber security incidents?

Service providers

Data centres

Body corporate

Select the correct answer using the code given below:

Question

The correct answer is [D] 1, 2 and 3. In India, the legal framework for cyber security mandates that various entities report incidents to the designated national agency.

Legal Framework: Under Section 70B of the Information Technology Act, 2000, the central government established the Indian Computer Emergency Response Team (CERT-In) as the national nodal agency for cyber security.
Mandatory Reporting (Statements 1, 2, and 3 – Correct): According to the Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Functions and Duties) Rules, 2013, it is mandatory for service providers, data centres, and body corporates to report cyber security incidents to CERT-In within a specified timeframe.
Expanded Scope: The 2022 CERT-In directions further tightened these requirements, mandating that any entity (including government organizations and service providers) must report identifiable cyber incidents within 6 hours of noticing them.
Types of Incidents: Mandatory reporting covers a wide range of issues, including data breaches, ransomware attacks, targeted scanning/probing of critical networks, and unauthorized access to IT systems.

The definition of \"body corporate\" is broad, encompassing companies, firm sole proprietorships, or other associations of individuals engaged in commercial or professional activities. This ensures a comprehensive security net across India\'s digital ecosystem.

GKToday Admin · Accepted Answer

1, 2 and 3 The correct answer is [D] 1, 2 and 3. In India, the legal framework for cyber security mandates that various entities report incidents to the designated national agency.

Legal Framework: Under Section 70B of the Information Technology Act, 2000, the central government established the Indian Computer Emergency Response Team (CERT-In) as the national nodal agency for cyber security.
Mandatory Reporting (Statements 1, 2, and 3 – Correct): According to the Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Functions and Duties) Rules, 2013, it is mandatory for service providers, data centres, and body corporates to report cyber security incidents to CERT-In within a specified timeframe.
Expanded Scope: The 2022 CERT-In directions further tightened these requirements, mandating that any entity (including government organizations and service providers) must report identifiable cyber incidents within 6 hours of noticing them.
Types of Incidents: Mandatory reporting covers a wide range of issues, including data breaches, ransomware attacks, targeted scanning/probing of critical networks, and unauthorized access to IT systems.

The definition of \"body corporate\" is broad, encompassing companies, firm sole proprietorships, or other associations of individuals engaged in commercial or professional activities. This ensures a comprehensive security net across India\'s digital ecosystem.

Current Affairs

Daily MCQs

Monthly MCQs

Topic Wise CA MCQs

CA MCQs in Other Languages

GK MCQs Section

SSC/RRB/States Level MCQs