Security News > 2022 > October > India set to extend deadline for absurd infosec reporting requirements

India set to extend deadline for absurd infosec reporting requirements
2022-10-14 02:33

India's minister of state for electronics and information technology, Rajeev Chandrasekhar, has hinted strongly that he will again extend the deadline to comply with sweeping new information security reporting rules that were imposed as an essential national defence mechanism.

After the deadline they were required to report many types of infosec incidents - even trivial ones like port scanning and phishing attempts - to India's Computer Emergency Response Team within six hours of detection.

Another element of the rules requires clouds and VPN providers to register and report real names of users.

BSA kicks multiple holes in India's infosec reporting rules.

Chandrasekar later retweeted the newspaper's report of his remarks, which rather confirms that the original 60-day deadline was impractical.

So it remains unclear if India has secured the flow of infosec intelligence it sought, or is capable of using it to inform a response.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/10/14/india_cert_in_reporting_deadline_extension/