Cert-In cyber rules deadline for MSMEs to be postponed

New Delhi, Oct 12 (KNN) Hinting an extension in the deadline of Cert-In cyber rules, Minister of State for Electronics and IT Rajeev Chandrasekhar assured that SMEs or MSMEs will not bear the burden of Cert-In cyber rules until they are ready.

As per media reports, it is likely that the government will extend the deadline for complying with its cyber security directives by three months.

The Minister said that it will apply for MSMEs as well as SMEs.

“We are very clear. We will not make SMEs or MSMEs bear the burden of this additional compliance until they are ready,” he said.

The Indian Computer Emergency Response Team (Cert-In)’s April 28 guidelines required all companies, intermediaries, data centres and government organisations to report any data breach to the government within six hours of becoming aware of it.

The guidelines had also mandated Virtual Private Network (VPN) service providers to maintain all the information they had gathered as part of know-your-customer (KYC) rules and hand it over to the government as and when required.

On May 18, during a press conference to explain the FAQs on the Cert-In guidelines, the minister said VPN service providers that did not want to adhere to the guidelines were “free to leave India”.

In June, the ministry decided to provide a breather of 90 days, or until September 25, to all companies after it received representations from SMEs, MSMEs, data centres, VPS, VPN, and cloud service providers that they needed more time to “build capacity”.  (KNN Bureau)