Cyber security incident reporting mandate India
Question
In India, it is legally mandatory for which of the following to report on cyber security incidents?
- 1.
Service providers are legally mandated to report cyber security incidents
- 2.
Data centres are legally mandated to report cyber security incidents
- 3.
Body corporate are legally mandated to report cyber security incidents
Options
1 only
1 and 2 only
3 only
1, 2 and 3
Explanation
Under India's Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 and subsequent amendments including the Information Technology (Amendment) Rules, 2013, and cyber security incident reporting protocols, multiple entities are mandated to report breaches. Service providers (telecom companies, ISPs), data centres, and body corporate (organizations handling personal or sensitive data) all have legal obligations to report cyber security incidents and data breaches to the Indian Computer Emergency Response Team (CERT-In) and to affected individuals within specific time frames. These reporting requirements were formalized to strengthen India's cyber security posture. All three categories of entities are covered under the mandatory reporting framework. > Cyber Reporting: Service Providers + Data Centers + Body Corporate = Mandatory breach reporting to CERT-In. Answer: (d).
Question details
Year
2017
Paper
GS Paper 1
Question
Q85
Subject
Science & Technology
Sub-topic
Cyber security and IT regulations
Type
Statement-based
Difficulty
Medium
Nature
Current-affairs-linked
Source hint
Current Affairs 2017 - Cyber Security Rules
See all questions on Cyber security and IT regulations
Browse every tagged question across all years