In India, it is legally mandatory for which of the following to report on cyber security incidents?
- Service providers
- Data centers
- Body corporate
Select the correct answer using the codes given below:
(a) 1 only
(b) 1 and 2 only
(c) 3 only
(d) 1, 2 and 3
Answer: (d)
Explanation:
- According to section 70B of the Information Technology Act, 2000 (IT Act), the Union Government by notification should appoint an agency named Indian Computer Emergency Response Team (CERTIn) to serve as the national agency for incident response.
- The Union Government under section 70B of the IT Act, 2000 established and notified rules of CERT-In in 2014. According to Rule 12(1)(a), it is mandatory for service providers, intermediaries, data centers and corporate bodies to report cyber security incidences to CERT-In within a reasonable time of occurrence of the incident. Hence, 1, 2 and 3 are correct.
- Therefore, option D is the correct answer.