The first NIC-CERT, a setup of National Informatics Centre, Ministry of Electronics and Information Technology was inaugurated by Law and Information Technology Minister Ravi Shankar Prasad on 11 December 2017.
Explaining the move, the Minister stated that the union government as a part of its Digital India initiative had introduced a lot of services online and while this made the services easily accessible to citizens, it also exposed them to threats and vulnerabilities that are an inherent part of cyberspace.
The Minister mentioned that in the recent past there has been an exponential growth in cyber attacks leading to concerns of data theft, which led to the government drafting the Data protection Act.
He further stated that the National Informatics Centre has been doing remarkable job of securing the Government cyberspace for a long time and by setting up the centre they have taken their experience and expertise to the next level.
• The setting up of NIC-CERT is an initiative by the Ministry of Information Technology under Digital India to enhance the security posture of NIC and the government, which will in turn lead to enhanced trust of the citizens as the services offered to them would be configured in a framework that is secured by design.
• It has been set up to create a comprehensive framework that integrates world class security components and inbuilt threat intelligence for detection, prevention and incident response.
• The centre will operate in close coordination and collaboration with sectoral CERT’s and more so with Cert-in.
• Using the tools research teams would be able to correlate events that would help in generating a canvas of the attack surface and identify the vulnerabilities and possible exploits.
• The gathered intelligence assimilated with the knowledge of the open web would give the CERT the ability prevent and predict attacks.
One of the key strengths of the new centre is the PAN-India connectivity of NIC and this coupled with its enhanced ability to detect and prevent attacks would collectively upscale the government’s ability to protect its data.