Page 54 - PR COMMUNICATION AGE July - December 2020
P. 54
• Such other functions relating to cyber security as may “Guidance Framework for CCMP“ which may be used as a
be prescribed. template by various entities including Central Government
Ministries/Departments/States/UTs and entities under their
CERT-In creates awareness on security issues through administrative control to prepare & implement their own
dissemination of information on its website (http:// CCMP. “Cyber Crisis Management Plan -2019” and
www.cert-in.org.in) and operates 24x7 incidence response “Guidance Framework for CCMP” were circulated to all
Help Desk. CERT-In provides Incident Prevention and Central Government Ministries/Departments and States/
Response services as well as Security Quality Management UTs to enable them to develop and implement their own
Services. The activities carried out by CERT-In during April CCMP. CCMP outlines a framework for dealing with cyber
2019-October 2019 comprised of the following: related incidents for a coordinated, multi-disciplinary and
broad based approach for rapid identification, information
Activities Numbers (April 2019
exchange, swift response and remedial actions to mitigate
– December 2019)
and recover from malicious cyber incidents. CERT-In has
Incidents handled 328490
conducted four workshops since April- 2019 to appraise
Security Alerts 162 various organizations under the Central Ministries/States/
Advisories 26 UTs about the CCMP implementation and all necessary
assistance is being provided to them with regard to
Vulnerability Notes 151
implementation of CCMP. Till date, 76 CCMP enabling
Trainings 21
workshops have been conducted.
Indian Website Defacement 14491
International Security Drills 5 Cyber Security Exercises
Indian Cyber Crisis Exercises (ICCE)
Cyber Security Assurance
Indian Cyber Crisis Exercises (ICCE) are being conducted by
Under Security Assurance Framework, Indian Computer the Government to help the organisations to assess their
Emergency Response Team (CERTIn) has created a panel
preparedness to withstand cyber-attacks. These exercises
of ‘IT security auditing organisations’ for auditing, including
have helped tremendously in improving the cyber security
vulnerability assessment and penetration testing of
computer systems, networks & applications of various posture of the information infrastructure and training of
organizations of the Government, critical infrastructure manpower to handle cyber incidents, besides increasing the
organizations and those in other sectors of Indian economy. cyber security awareness among the key sector
CERT-In has empanelled 90 Information Security Auditing organisations. Till date CERT-In has conducted 44 Cyber
organisations, on the basis of stringent qualifying criteria, security exercises of different complexities, including table
to carry out information security audit, including the top exercises, with participation from about 300
organisations covering various sectors of Indian economy
vulnerability assessment and penetration test of the from Government/Public/ Private i.e. Defence, Paramilitary
networked infrastructure of Government and critical sector forces, Space, Atomic Energy, Telecommunications (ISPs),
organisations. This list of CERTIn empanelled auditing
Finance, Power, Oil & Natural Gas, Transportation
organisations are being consulted frequently by the entities
(Railways & Civil Aviation), IT/ ITeS/ BPO sectors and State
in Government and critical sectors for their auditing
requirements. Data Centres. A total of three cyber security exercises
including Table Top Exercises have been conducted by CERT-
Cyber Crisis Management Plan In during the period April-2019 to October-2019 to enhance
CERT-In, MeitY has formulated Cyber Crisis Management the preparedness of participants in handling cyber security
Plan (CCMP)-2019 for countering cyber attacks and cyber threats. Out of these three cyber security exercises, one
terrorism for implementation by all Ministries/Departments was Indian Cyber Crisis Exercise (ICCE) carried out by CERT-
of Central Government, State Governments/UTs and In for Cooperative banks on 31st May 2019. The other two
organizations under their administrative control. Along with cyber security exercises were table top exercises out of
the CCMP-2019, CERT-In has developed for first time which one was Joint Cyber Security exercise along with RBI
"Energy doesn't lie, what you attract is who you are."
54 PR COMMUNICATION AGE July - December 2020
