Securing the Digital Republic: The Role of CERT-In in India’s Cyber Resilience

Home > Current Affairs  > Securing the Digital Republic: The Role of CERT-In in India’s Cyber Resilience

23 Jan Securing the Digital Republic: The Role of CERT-In in India’s Cyber Resilience

Posted at 23 Jan 2026 in Current Affairs by
0 Likes

This article covers “Daily Current Affairsand From  Securing the Digital Republic: The Role of CERT-In in India’s Cyber Resilience

SYLLABUS MAPPING  

GS- 3- Internal Security- Securing the Digital Republic: The Role of CERT-In in India’s Cyber Resilience

FOR PRELIMS 

What is CERT-In and why is it important for India’s cybersecurity?

FOR MAINS

What role does CERT-In play in handling cyber incidents in India?

Why in the News?

India’s rapid digital transformation has fundamentally reshaped governance, commerce, and citizen engagement. Digital payments, e-governance platforms, online service delivery, and data-driven public infrastructure now form the backbone of India’s socio-economic ecosystem. As digital adoption deepens, however, the exposure to cyber threats—ranging from phishing and ransomware to AI-enabled fraud and attacks on critical infrastructure—has expanded proportionately.

Recognising cybersecurity as a strategic imperative, the Government of India has instituted a comprehensive policy, institutional, and operational framework to safeguard cyberspace. At the centre of this framework stands the Indian Computer Emergency Response Team (CERT-In), operating under the Ministry of Electronics and Information Technology (MeitY) and empowered by the Information Technology Act, 2000. CERT-In provides national leadership in cyber incident response, threat intelligence, resilience-building, and secure digital practices.

India’s Expanding Digital Landscape and Emerging Cyber Risks

Over the last decade, India’s digital footprint has expanded exponentially. Internet connections increased from 25.15 crore in 2014 to over 100 crore by 2025, while average monthly data consumption per subscriber surged nearly 400-fold, reaching 24.01 GB, among the highest globally.
This digital infrastructure has enabled the meteoric rise of Unified Payments Interface (UPI), which processed over 21 billion transactions worth ₹27 lakh crore in December 2025 alone. While this expansion has deepened financial inclusion and service delivery, it has also widened the cyber-attack surface across banking, power, transport, telecom, and governance platforms.
Reflecting this reality, the Union Budget 2025–26 allocated ₹782 crore for cybersecurity, underlining the state’s recognition of cyber resilience as a public good.

In this ecosystem, CERT-In’s role is reinforced through sector-specific extensions such as:
1. CSIRT-Fin, strengthening cybersecurity in the BFSI sector through coordinated incident response and intelligence sharing.
2. CSIRT-Power, securing critical power infrastructure through audits, threat intelligence integration, and proactive mitigation.

Core Mandate and Functions of CERT-In

Designated as India’s national nodal agency under Section 70B of the IT Act, 2000, CERT-In’s mandate encompasses prevention, detection, response, and recovery from cyber incidents.
Its core functions include:
1. Promoting cybersecurity awareness among citizens and organisations
2. Facilitating automated cyber threat intelligence sharing
3. Issuing near real-time alerts on emerging threats
4. Institutionalising responsible vulnerability disclosure
5. Coordinating incident mitigation during national and international events
6. Supporting cyber forensics and law enforcement investigations
7. Conducting training programmes, drills, and cyber crisis simulations
8. Operating Cyber Swachhta Kendras (CSKs) and a national Command & Control Centre
9. Guiding organisations in cyber crisis management and preparedness planning

CERT-In at the Core of India’s Cyber Resilience Strategy (2025 Performance)

1. National Incident Response and Intelligence: 29.44 lakh cyber incidents handled, 1,530 alerts, 390 vulnerability notes, and 65 advisories issued 29 CVEs identified and published, reflecting indigenous threat research capability
2. Cybersecurity Audits: 231 empanelled security audit organisations Major audits conducted in banking, power, transport, and energy sectors, enhancing critical infrastructure resilience
3. Capacity Building: 32 specialised technical programmes and 95 awareness sessions 20,799 officers and professionals trained across government, PSUs, and industry
4. Cyber Drills and Preparedness: 122 cybersecurity drills, including tabletop exercises Participation from 1,570 organisations across defence, finance, space, telecom, energy, transport, IT/ITeS, and State Data Centres
5. Awareness and Knowledge Dissemination: 95 awareness programmes, covering 91,065 participants Extensive publication of advisories, whitepapers, and technical guidelines

Key Reports and Guidelines (2025)

CERT-In released forward-looking documents covering emerging technologies and sectors, including:
1. Smart City Cybersecurity Guidelines
2. Satellite Communications Cybersecurity Advisory
3. India Ransomware Report
4. BFSI Digital Threat Report
5. UAS Cybersecurity White Paper
6. SBOM, QBOM, CBOM, HBOM, and AIBOM Guidelines (Version 2)
7. Quantum Cyber Readiness White Paper
8. Cyber Defence Controls for MSMEs
9. “Cyber Smart Kids: Suraksha Guide”
10. Cybersecurity Best Practices for Senior Citizens

Institutional Frameworks Anchored by CERT-In

1. Cyber Swachhta Kendra (CSK): Covers 98% of India’s digital population, tracks botnets and malware, and provides free remediation tools. Over 89.55 lakh downloads highlight its citizen-centric preventive role.
2. Security Assurance Framework: Enables audits, vulnerability assessments, penetration testing, and secure design guidelines across government and critical sectors.
3. National Cyber Coordination Centre (NCCC): Provides metadata-level situational awareness and real-time threat sharing with States and organisations.
4. Sectoral and State CSIRTs: Enable decentralised, domain-specific incident response while remaining integrated with national oversight.
5. Cyber Crisis Management Plan (CCMP): Ensures continuity of essential services during major cyberattacks and cyber-terror incidents.

Global Recognition and Strategic Significance

CERT-In’s domestic capabilities have translated into global recognition:
1. Highlighted in WEF’s Global Cybersecurity Outlook 2025 for AI-driven threat detection and intelligence sharing
2. Contributor to the Cyber Resilience Compass (WEF–Oxford)
3. Co-signatory to the ANSSI-led report on AI cyber-risk governance

Conclusion

In an era of escalating cyber risks, CERT-In remains the backbone of India’s cybersecurity architecture. By integrating policy direction with operational readiness, capacity building, and international cooperation, CERT-In has significantly strengthened national cyber resilience. Its citizen-centric initiatives, sectoral coordination, and forward-looking guidelines demonstrate a comprehensive approach to securing India’s digital ecosystem. Global recognition of its AI-driven innovations further reinforces India’s emergence as a responsible cyber power. Collectively, these efforts reaffirm the Government of India’s commitment to a safe, trusted, and secure digital future.

Best ias coaching in delhi  Best ias coaching in chandigarh

Prelims question:

Q. With reference to the Indian Computer Emergency Response Team (CERT-In), consider the following statements:

1. CERT-In is the national nodal agency for responding to cybersecurity incidents under the Information Technology Act, 2000.
2. Cyber Swachhta Kendra functions under CERT-In to promote cyber hygiene among citizens by detecting botnets and malware.
3. The National Cyber Coordination Centre (NCCC) functions under the Ministry of Home Affairs.
Which of the statements given above are correct?
(a) 1 and 2 only
(b) 2 and 3 only
(c) 1 and 3 only
(d) 1, 2 and 3

Answer: A

Mains Question:

Q. Cybersecurity has emerged as a foundational pillar of national security in the digital age.” In this context, examine the role of CERT-In in strengthening India’s cyber resilience

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 (250 words)

Ritik singh
Latest posts by Ritik singh (see all)
No Comments

Post A Comment