Shri Ravi Shankar Prasad, Hon’ble Minister of Law & Justice and Electronics & Information Technology inaugurated the “NIC-CERT”, a setup of National Informatics Centre, Ministry of Electronics and Information Technology on 11th December 2017.
In the recent past, there has been an exponential growth in cyber attacks leading to concerns about data theft which led to the Government drafting the Data Protection Act. As Internet with its ever-expanding canvas of opportunities is touching the life’s of people, it necessitates the requirement to upscale the existing security infrastructure.
NIC-CERT has been set up with the objective of creating a comprehensive framework that integrates world-class security components and inbuilt threat intelligence for detection, prevention and incident response. Using the tools the team will correlate events that would help in generating a canvas of the attack surface and identify the vulnerabilities and possible exploits. The gathered intelligence assimilated with the knowledge of the open web would give the CERT the ability prevent and predict attacks.
NIC’s PAN-India connectivity and reach are its key strengths and this coupled with its enhanced ability to detect and prevent attacks would collectively upscale the Government’s ability to protect its data.
Setting up NIC-CERT, as per Hon’ble Minister, is MeitY’s initiative under Digital India aimed at enhancing the security posture of NIC and the Government which will, in turn, lead to an enhanced trust of the citizens as the services offered to them would be configured in a framework that is secure by design. NIC-CERT will operate in close coordination and collaboration with sectoral CERT’s and more so with Cert-in.
NIC, which comes under the IT ministry, has a key role in e-governance at the national, state and district levels. Almost all Indian-government websites are developed and managed by NIC.
CERT-In is the national nodal agency under the IT ministry, which deals with cybersecurity threats such as hacking and phishing. It is tasked with the collection, analysis and dissemination of information on cyber incidents and even taking emergency measures for handling cybersecurity incidents.