India’s new cyber rules criticised by tech firms

2022-06-09T09:09:00+01:00

No comments

The data protection rules will require firms to report a breach within six hours of discovery

Indian cyber security rules, which will come into place later this month, have been criticised by technology industry body, the Internet and Mobile Association of India (IAMAI).

IAMAI, which represents organisations including Google and Facebook, warns the new rules will create an “environment of fear rather than trust” and has called for a one-year delay before they take effect, according to a letter written to the IT Ministry and seen by Reuters.

Among other changes, the directive from the Indian Computer Emergency Response Team (CERT) will require tech companies to report data intrusions within six hours of noticing and to maintain IT and communications logs for six months following a breach.

IAMAI has proposed extending the six-hour window, noting the global standard for reporting cyber-security incidents is generally 72 hours.

The cost of complying with such directives could be “massive”, and proposed penalties for violation - including prison - would lead to “entities ceasing operations in India for fear of running afoul,” the IAMAI letter said.

Topics

No comments

News
Cyber war exclusions boost likelihood of claims litigation
2022-06-15T13:48:00Z
A lack of standard, battle-tested definitions in cyber policies makes litigation more likely amid the conflict in Ukraine, warns Moody’s
News
ESG: Where are you on your journey?
2022-06-06T10:22:00Z
Knowing where to start with ESG can be daunting for even the most seasoned of risk managers
News
Improved cyber resilience tempers ransomware
2022-06-06T08:31:00Z
Companies’ risk management investments appear to be paying off with notable moderation in ransomware frequency

No comments yet

You're not signed in.

Only registered users can comment on this article.

More Home

Online Only
Risk briefing: getting to grips with construction risks
2023-06-05T10:52:00Z
Ade Adeyemo, UK Construction Practice Lead – Risk Consulting at RSA Insurance, explores how construction risks are evolving and how risk managers must adapt to manage them
Analysis
Why risk managers must take stock of their firms’ geopolitical impact
2023-06-01T13:02:00Z
David Claridge, CEO of Dragonfly, explores why companies may be unwitting political actors and how risk managers can deal with the exposures this creates
Analysis
How climate change is making it more difficult for risk managers to find adequate insurance
2023-05-31T12:09:00Z
As insurers grapple with increasingly frequent and severe natural catastrophes, the insurability of cat risks is being called into question, with worrying implications for risk managers.

India’s new cyber rules criticised by tech firms

Topics

Related articles

Cyber war exclusions boost likelihood of claims litigation

ESG: Where are you on your journey?

Improved cyber resilience tempers ransomware

No comments yet

Only registered users can comment on this article.

More Home

Risk briefing: getting to grips with construction risks

Why risk managers must take stock of their firms’ geopolitical impact

How climate change is making it more difficult for risk managers to find adequate insurance