Critical Information Infrastructure

In a notification issued on June 16, 2022, the Union Ministry of Electronics and IT (MeitY) has declared IT resources of HDFC bank, ICICI Bank, and NPCI as ‘critical information infrastructure (CII)’.

What is critical information infrastructure?

According to Information Technology Act of 2000, “Critical Information Infrastructure” is a “computer resource”.  Incapacitation or destruction of such resource have debilitating impact on national security, public health, economy, or public safety”.

Who declare entity as Critical Information Infrastructure?

Under the IT Act 2000, the Union government has the power to declare any data, IT network, database, or communications infrastructure as Critical Information Infrastructure, in order to protect that digital asset. In case, any person who secures access or tries to secure access to protected system, can be put behind the bars for up to 10 years.

What is the need of CII classification and protection?

Governments across the world have been moving to protect their critical information infrastructure because IT resources are the backbone of almost all critical operations in the infrastructure of country. Any interconnectedness and disruptions to IT resources can have a cascading effect on different sectors. For instance, IT resources failure at a power grid can lead to prolonged outages affecting other sectors like healthcare, banking services.

Protection of CIIs in India

In India, CIIs are protected through a nodal agency “National Critical Information Infrastructure Protection Centre (NCIIPC)”. NCIIPC was created in January 2014. It is the nodal agency to take all measures for protecting CIIs. It guards CIIs from “unauthorized access, use, modification, disclosure, incapacitation, disruption, or distraction”. It will monitor and forecast national-level threats to CII for policy guidance, situational awareness and expertise sharing for early alerts or warning. In case of threat to CII, the NCIIPC may call for information and provide directions to critical sectors or persons having a critical impact on CII.




Latest E-Books