IT Glossary · Compliance & Regulations

CERT-In Compliance — India's Cybersecurity Directives

CERT-In (India's Computer Emergency Response Team) issued mandatory cybersecurity directives in April 2022 that require all Indian organisations to report cyber incidents within 6 hours, maintain logs for 180 days, and implement specific security controls.

The Indian Computer Emergency Response Team (CERT-In) issued Directions under Section 70B of the Information Technology (IT) Act 2000 in April 2022. These directions apply to all entities operating in India — companies, government bodies, intermediaries, and data centres. Key requirements include: reporting cybersecurity incidents to CERT-In within 6 hours of detection; maintaining ICT system logs for 180 days within India; synchronising all ICT clocks with India Standard Time (NTP servers); and designating a Point of Contact (PoC) to coordinate with CERT-In. Failure to comply can result in imprisonment up to 1 year or fines.

6-Hour Reporting: Any cyber incident (data breach, ransomware, DDoS, phishing, etc.) must be reported to CERT-In at incident@cert-in.org.in within 6 hours of detection or becoming aware.
180-Day Log Retention: ICT system logs (servers, firewalls, endpoints, network devices) must be maintained for 180 days and must be stored within India's geographic boundaries.
NTP Synchronisation: All ICT system clocks must be synchronised with NTP servers of National Informatics Centre (NIC) or NPTEL — critical for log correlation.
KYC for VPN/Cloud Users: VPN service providers, cloud service providers, and virtual asset service providers must verify user identities (KYC) and maintain records for 5 years.

Related terms: DPDP Act 2023, Incident Response, SIEM, Log Management, Endpoint Security, ISO 27001

Frequently Asked Questions

Does CERT-In compliance apply to small businesses in India?

Yes. CERT-In directives apply to "all entities" operating in India — there is no SME exemption by size. However, the level of implementation complexity scales with your IT infrastructure. Even a 20-person company needs 6-hour incident reporting capability and log retention.

What IT tools help with CERT-In compliance?

Trend Micro Apex One helps with endpoint security logs and incident response. A SIEM solution (Azure Sentinel, Splunk, or open-source alternatives) helps centralise and retain logs for 180 days. NTP configuration is a system-level change. We help Indian businesses implement all required controls.

Get CERT-In compliance help for your Indian business — security assessment and implementation support.