Search Your Queries Related To Trilegal

How to comply with CERT-In’s new six-hour time frame to report cyber incidents

05 Jul 2022

By Karthik Koragal (Senior Associate) and Pratibha Sharma (Senior Executive)
This article was first published in LiveLaw

The Indian Computer Emergency Response Team (CERT-In) recently issued a set of new directions under the Information Technology Act, 2000 (IT Act), in relation to information security practices, procedure prevention, response and reporting of cyber incidents for safe and trusted internet (CERTIN Directions), followed by Frequently Asked Questions (FAQs) dated 19 May 2022 issued by CERTIN, to clarify the requirements under the directions.

CERT-IN Directions mandate service providers, intermediaries, data centres and body corporates (Applicable Entities) to mandatorily report cyber incidents (as defined under the Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Functions and Duties) Rules, 2013 (CERT-IN Rules)) within: (a) six hours of noticing such incidents; or (b) such incident being brought to such Applicable Entities. Prior to this update, CERT-In had stipulated reporting cyber security incidents (as defined under CERT-IN Rules) as early as possible, and within a reasonable time of occurrence or noticing the incident.

In addition to the Applicable Entities being mandated to report cyber incidents, within the prescribed time and in the prescribed manner, they are also required to report cyber security incidents (prescribed under CERT-IN Directions), on meeting the following threshold (as laid out in the FAQs):

Download PDF to read more


This page contains general information regarding Trilegal and is not intended as a solicitation or an advertisement of its services or any invitation or inducement of any sort. Nothing contained in this website constitutes legal advice or creation of a lawyer-client relationship. If you have any issues, you must seek legal advice. Trilegal is not liable for the consequences of any action taken by relying on the material/information provided on this website. For more information, please read our terms of use and our privacy policy.

Trilegal - Up Arrow