Control of Nodal Cyber Security Watchdog CERT-IN

• Administrative Control: Currently, the Computer Emergency Response Team (CERT-IN) operates under the Ministry of Electronics and Information Technology (MeitY).
• Debate for Ownership: There is an ongoing discussion between the Ministry of Information Technology (IT) and the Ministry of Home Affairs (MHA) regarding the control of CERT-IN. Each ministry presents distinct arguments for their preferred oversight.

Ministry of Home Affairs (MHA) Perspective:

• Enhanced Law Enforcement: The MHA advocates for the transfer of CERT-IN to its control to bolster law enforcement capabilities in cyberspace. The MHA argues that integrating CERT-IN under its jurisdiction would streamline cybercrime investigations by leveraging the MHA's existing enforcement powers and CERT-IN's technical expertise.
• Streamlining Investigations: The MHA believes that this integration would enhance coordination between technical responses and investigative processes, potentially improving the efficacy of handling cybercrimes.

Ministry of Information Technology (IT) Perspective:

• Technical Focus: The IT Ministry argues that CERT-IN's core functions are technical rather than investigative. CERT-IN's role involves incident reporting, issuing malware alerts, and advising on the improvement of security infrastructure.
• Distinct Functions: According to the IT Ministry, the technical functions of CERT-IN are separate from law enforcement activities. They emphasize that CERT-IN's primary responsibilities include responding to security incidents and enhancing communication infrastructure security, which are distinct from the investigative functions managed by the MHA.

About CERT-IN:

• Established: CERT-IN was established in 2004 under the Ministry of Electronics and Information Technology.
• Legal Framework: It operates under the Information Technology Amendment Act, 2008, which designates CERT-IN as the national nodal agency for responding to computer security incidents and enhancing the security of India’s communications and information infrastructure.

Notable Works of CERT-IN:

• High-Profile Investigations: CERT-IN has been involved in significant investigations, such as the 2022 cyberattack on AIIMS Delhi.
• Cybersecurity Directive: In 2022, CERT-IN issued a directive requiring VPN and cloud service providers to store customer information for five years.
• Incident Handling: In 2022, CERT-IN managed approximately 1.4 million cybersecurity incidents, with the majority involving the mitigation of vulnerable services.