The Tug of War for CERT-IN: IT Ministry vs. Home Affairs

What’s in today’s article?

• Why in News?
• What is Computer Emergency Response Team (CERT-IN)?
• Control of CERT-IN
• Conclusion

Why in News?

Two ministries, Information Technology and Home Affairs, are making a strong pitch for the ownership of Computer Emergency Response Team (CERT-IN), the country’s nodal cybersecurity watchdog.

At present, Cert-In comes under the administrative control of the IT Ministry.

What is Computer Emergency Response Team (CERT-IN)?

• About
  • The Computer Emergency Response Team (CERT-IN) is an organization under the Ministry of Electronics and Information Technology, Government of India.
  • It has been operational since 2004.
  • As per the Information Technology Amendment Act, 2008, CERT-In has been designated to serve as the national nodal agency responsible:
    • for responding to computer security incidents as they occur and
    • for enhancing the security of India's communications and information infrastructure.
• Functions

Incident Response

• Providing technical assistance and advice to individuals and organizations in case of a cyber incident.
• Coordinating responses to security incidents on the national level.

Cyber Security Awareness and Training

• Organizing training programs, workshops, and conferences to educate stakeholders about cyber security threats and best practices.
• Disseminating information on cyber threats, vulnerabilities, and protective measures.

Vulnerability Handling and Coordination

• Identifying and analyzing vulnerabilities in computer systems and networks.
• Coordinating with stakeholders to mitigate the impact of vulnerabilities and advising on preventive measures.

Security Quality Management Services

• Offering security quality management services, including risk assessment, penetration testing, and security audits.
• Developing guidelines, standards, and policies for the protection of information infrastructure.

Cyber Threat Monitoring

• Continuously monitoring cyber threats to the country's information infrastructure.
• Providing early warning and alerts on potential and ongoing cyber threats.

Collaboration and Coordination

• Collaborating with domestic and international cyber security organizations, law enforcement agencies, and industry partners.
• Sharing information and best practices to enhance collective cyber security defenses.

Policy Development and Implementation

• Assisting in the formulation of national policies and strategies related to cyber security.
• Ensuring the implementation of government policies and regulations pertaining to cyber security.

Research and Development

• Engaging in research and development activities to innovate and improve cyber security technologies and methodologies.
• Promoting the development of indigenous cyber security solutions.
• Few notable works of CERT-IN
  • CERT-In has been involved in high-profile investigations, such as the 2022 cyberattack on AIIMS Delhi.
  • It issued a cybersecurity directive in 2022, requiring VPN and cloud service providers to store customer information for five years.
  • CERT-In handled approximately 1.4 million cybersecurity incidents in 2022, with mitigation of vulnerable services being the most common.

Control of CERT-IN

• Two key ministries in India, Information Technology (IT) and Home Affairs (MHA), are in a dispute over control of the CERT-IN.
• Positions of the Ministries
  • Ministry of Home Affairs (MHA): Advocates for CERT-In to come under its control to enhance law enforcement capabilities, particularly in cyberspace, given CERT-In's technical expertise and the MHA's enforcement powers.
• The MHA believes this integration would streamline cybercrime investigations.
  • Ministry of Information Technology (IT): Argues that CERT-In's role is technical and extends beyond law enforcement, focusing on incident reporting, malware alerts, and advising on security infrastructure improvements.
• The IT Ministry emphasizes that CERT-In's technical functions are distinct from investigative powers, which the MHA holds.
• Background
  • CERT-In, under the IT Ministry, performs technical functions like analyzing and disseminating information on cyber incidents, issuing alerts, and coordinating responses.
• It does not have investigative powers like search and seizure.
  • The MHA, through the Indian Cyber-crime Coordination Centre (I4C), focuses on cybercrimes and coordination among law enforcement agencies.
  • Control of CERT-In could provide the MHA with needed technical expertise.
• Dispute highlights an associated issue
  • The dispute is partly due to ambiguous Allocation of Business Rules (AoBR).
  • These rules do not designate cybersecurity solely to any one ministry, leading to overlapping responsibilities among the Prime Minister’s Office, Home Ministry, and IT Ministry.
  • Globally, CERTs can fall under either the Home office or the IT ministry, depending on the country.

Conclusion

The tussle between the IT Ministry and MHA over CERT-In highlights the evolving challenges in cybersecurity management and the need for clear delineation of roles and responsibilities among various governmental agencies.

Q.1. What is Indian Cyber-crime Coordination Centre (I4C)?

The Indian Cyber-crime Coordination Centre (I4C) is a government initiative aimed at addressing cybercrime in India. It coordinates law enforcement efforts, facilitates capacity building, and fosters collaboration among agencies to combat cyber threats and enhance cybersecurity.

Q.2. What is cyber security?

Cybersecurity is the practice of protecting computer systems, networks, and data from digital attacks, unauthorized access, and damage. It involves implementing measures such as encryption, firewalls, and intrusion detection to ensure the confidentiality, integrity, and availability of information.

Source: Both Home and IT ministries pitch for control of nodal cyber security watchdog Cert-In