Training

Events

Panel Discussion: Complying With CERT-In's Directives of Breach Reporting and Log Retention: Where Are the Hiccups?

Panel Discussion: Complying With CERT-In's Directives of Breach Reporting and Log Retention: Where Are the Hiccups?

The Indian Computer Emergency Response Team (CERT-In) has issued directives under section 70B of the IT Act, 2000, that both government and private organizations in the country must inform the agency within six hours of discovering a cybersecurity incident. In case of non-compliance, the company is liable to pay a maximum penalty of about INR 1 lakh.

See Also: The Operationalization of Threat Intelligence Programs

While the new guidelines are designed to tackle cybercrime effectively, they are likely to pose challenges to companies in terms of adhering to the six-hour rule. In addition, it has directed all service providers, intermediaries, data centers, corporate bodies and government organizations to retain the logs securely for a period of 180 days within the Indian jurisdiction.

What does this directive mean to the security practitioners, and what are the ways to comply with this? How are CISOs complying with this directive and where are the bottlenecks?

The session will cover:

  • The practical challenges of complying with these directives
  • How can practitioners reset their internal structure?
  • Consequences of retaining logs for the specified time period

Webinar Registration

Premium Members Only

OnDemand access to this webinar is restricted to Premium Members.

Join Now to Access
Have an account? Sign in.


Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.