2nd Edition

Tracking the trends and news for IT and IT Security

Paul

Top Cybersecurity Regulations in India Updated 2023

611da2f8cd98e558f20a4957_upguard-favicon.png Top Cybersecurity Regulations in India [Updated 2023]>
Upguard Blog – Kyle Chin
1) The Information Technology Act, 2000 The IT Act of 2000 was enacted by the Parliament of India and administered by the Indian Computer Emergency Response Team (CERT-In) to guide Indian cybersecurity legislation, institute data protection policies, and govern cybercrime. It also protects e-governance, e-banking, e-commerce, and the private sector, among many others.

2) Information Technology (Amendment) Act 2008 IT Act 2008 added updated and redefined terms for current use, expanding the definition of cybercrime and the validation of electronic signatures. It also strongly encourages companies to implement better data security practices and makes them liable for data breaches.

3) Information Technology Rules, 2011 The most significant amendments include provisions for the regulation of intermediaries, updated penalties and violation fees for cybercrime, cheating, slander, and nonconsensual publishing of private images, as well as censoring/restriction of certain speech.

4) Indian SPDI Rules, 2011 for Reasonable Security Practices The IS/ISO/IEC 27001 regulations are identified by the Indian SPDI Rules, 2011, as international standards. As such, Indian companies aren’t obligated — but are highly advised — to implement these standards, which can help meet the “reasonable security practices” under Indian jurisdiction.

5) National Cyber Security Policy, 2013 In 2013, the Department of Electronics and Information Technology (DeitY) released the National Cyber Security Policy 2013 as a security framework for public and private organizations to better protect themselves from cyber attacks.

The goal behind the National Cyber Security Policy is to create and develop more dynamic policies to improve the protection of India’s cyber ecosystem. The policy aims to create a workforce of over 500,000 expert IT professionals over the following five years through skill development and training.

6) IT Rules, 2021 The new amendments aim to allow ordinary users of digital platforms to seek compensation for their grievances and demand accountability when their rights are infringed upon, as well as institute additional due diligence on organizations.

7) National Cyber Security Strategy 2020 While the plan is still under development and pending review by the National Security Council Secretariat, the plan’s main goal is to serve as the official guidance for stakeholders, policymakers, and corporate leaders to prevent cyber incidents, cyber terrorism, and espionage in cyberspace. 8) KYC (Know Your Customer) KYC is the tracking and monitoring of customer data security for improved safeguarding against fraud and payment credential theft. It requires banks, insurance companies, and any other digital payment companies that carry out financial transactions to verify and identify all of their customers. 9) Reserve Bank of India Act 2018 The Reserve Bank of India introduced the RBI Act in 2018, which details cybersecurity guidelines and frameworks for UCBs (urban co-operative banks) and payment operators.
Link: https://www.upguard.com/blog/cybersecurity-regulations-india

Categories:

Tags: