Have you ever heard the term “CERT-IN certification” and wondered what it meant for your company’s cybersecurity policies? CERT-IN, or the Indian Computer Emergency Response Team, is a government-approved organization that ensures information technology (IT) security. It was established in 2004 by the Department of Information Technology to carry out the provisions of the 2008 Information Technology Amendment Act.
CERT-In is a government organization that reports to the Ministry of Electronics and Information Technology. CERT (Computer Emergency Response Team) is a group of information security experts who are in charge of providing cyber security protection. Furthermore, the team of experts is tasked with detecting and responding to cyber-attacks. Each country has its own CERT. CERT-In is the name of the Indian CERT.
CERT-IN – Objectives
CERT-In mission is to improve cybersecurity in India. The organization’s objectives are as follows in order to achieve this goal:
Cyber attacks on the country’s cyberspace must be avoided.
Responding to cyber attacks to minimize damage and recovery time in order to reduce national vulnerability to cyber attacks.
Raising citizens’ awareness of cyber security.
The mandate of CERT-In certification for extensive data collection and retention in the manner specified amplifies the existing risk of unchecked surveillance in India. It creates a vulnerability that adversaries can exploit, threatening an individual’s right to privacy as well as collective cybersecurity. This is taking place against the backdrop of increasing surveillance impunity in India, as well as a legal vacuum where a strong data protection law should exist.
How well Cert-In Function?
As evidenced by a large number of cybersecurity incidents and data breaches, there is no doubt that we urgently require coordinated government action and clear policy. However, it is critical to recognize that privacy and cybersecurity can be mutually beneficial. Other major democracies’ national cybersecurity policies recognize this and explicitly state the need to protect human rights while also ensuring that cybersecurity regulation and data protection laws are constructively interlinked.
Below are a few of the important functions of Cert-In assigned by the Information Technology (Amendment) Act 2008:
Issues guidelines and advisories on information security best practices and procedures, as well as the prevention and reporting of cyber incidents.
CERT-In collects, analyses, and disseminates information about cyber incidents in India.
Forecasts and warnings about cyber incidents.
Helps in taking emergency measures to deal with cyber security incidents.
They play an important role in the coordination of cyber incident response activities.
Cert-In Empanelled – Auditors
According to CERT-In, empanelled security auditors may conduct interviews with key people in charge, conduct vulnerability assessments and penetration testing, list existing security policies and controls, and test IT assets as part of an audit. This is done to assess the efficacy of information security controls.
CERT-In has established a panel of IT Security Auditing Organizations that perform vulnerability assessments and penetration testing on computer systems, networks, and applications of various organizations that fall under the purview of the Government of India as well as those in other sectors of the Indian economy.
The empanelled security auditor organization performs the following functions in this pursuit:
Review of IT security policies
Testing for Information Security
Internet Technology Security Evaluation
Process Security Evaluation
Application security evaluation
Communication Security Evaluation
Wireless Security Examination
Physical Security Examination
Upgrade Cert-In with WeSecureApp
WeSecureApp (TekCube Private Ltd) is a cutting-edge cyber security firm based in Texas, with offices in Hyderabad and Mumbai, India. We started as an app security company and have risen through the ranks to become one of the most promising enterprise security companies in the last five years.
WeSecureApp announced that it has been empaneled by the Indian Computer Emergency Response Team (CERT-In) to offer information security auditing services to organizations in addition to its existing cybersecurity-enabled offerings.
With our large clientele of eminent corporate organizations, we have global expertise in dealing with the challenges that large organizations face with complex cybersecurity requirements.
WeSecureApp understands data security’s importance to each client, so we provide equally dependable services. Your data and information are safe with us and will never be misused. We take ownership of each project and work on it as if it were our own, allowing us to provide accurate advice, deliver accurate information, work ethically, and never compromise user information. WeSecureApp is entrusted with all of the above-mentioned functions of a Security Auditing Firm as prescribed by CERT-In as a result of the empanelment.