ITI, a partnership of global technology companies such as Google, Facebook, IBM and Cisco, has said that India’s existing provisions under the new order could adversely affect organizations and could weaken cyber security in the country.
ITI’s Country Manager (India) Kumar Deep, in a letter dated May 5 to Sanjay Behl, head of the Indian Computer Emergency Response Team (CERT-In), said that he would seek a comprehensive consultation from the industry before finalizing the directive. Let’s talk
Deep said, “This directive can improve India’s cyber security situation provided it is properly developed and implemented. However, certain provisions of the Bill may negatively affect Indian and global enterprises and may undermine cyber security.
According to the CERT-In’s directive issued on April 28, all government and private agencies, internet service providers, social media platforms and data centers will have to report incidents of cyber security breaches within six hours of detection.
ITI has expressed concern on this instruction. Deep says that technology companies should give 72 hours, not just six hours, to report any incident and this is also the best practice globally.