CERT-In is a functional organization of Department of Information Technology, Ministry of Communications and Information Technology, Government of India, operational since 2004, with the objective of securing Indian Cyber space. Now with Information Technology (Amendment) Act, 2008 coming into force w.e.f. 27th October, 2008, the CERT-In is a legal authority under newly inserted Section 70-B of Information Technology Act read with notification published in Part II, Section 3, Sub-section (ii) of the Gazette of India, Extraordinary, dated 27th October, 2009.

1. CERT-In to serve as national agency for incident response CERT-In is a functional organization of Department of Information Technology, Ministry of Communications and Information Technology, Government of India, operational since 2004, with the objective of securing Indian Cyber space. Now with Information Technology (Amendment) Act, 2008 coming into force w.e.f. 27th October, 2008, the CERT-In is a legal authority under newly inserted Section 70-B of Information Technology Act read with notification published in Part II, Section 3, Sub-section (ii) of the Gazette of India, Extraordinary, dated 27th October, 2009. Under Section 70-B (4), as inserted by the recent Information Technology (Amendment) Act, 2008, CERT-In has been designated to serve as the national agency to perform the following functions in the area of cyber security: Collection, analysis and dissemination of information on cyber incidents; Forecast and alerts of cyber security incidents; Emergency measures for handling cyber security incidents; Coordination of cyber incidents response activities; Issue guidelines, advisories, vulnerability notes and whitepapers relating to information security practices, procedures, prevention, response and reporting of cyber incidents; Such other functions relating to cyber security as may be prescribed. For carrying out the aforesaid activities, the CERT-in has been vested with the powers to call for information & give directions to the service provides, intermediaries, data centres, body corporate and any other person. Failure to provide the requisitioned information is a punishable offence with imprisonment for a term which may extend to one year or with fine which may extend to one lakh rupees or with both under Section 70B (7). However, it may be noted that the court can take cognizance of offence under this section only on a complaint made by an officer authorized in this behalf by the CERT-In. HYPERLINK
http://www.neerajaarora.com
Neeraj Aarora (Advocate)