SDG 9: Industry, Innovation, and Infrastructure | SDG 16: Peace, Justice and Strong Institutions
Institutions: Ministry of Electronics & IT (MeitY)
The Government has detailed several ongoing and new initiatives aimed at comprehensively strengthening India’s cyber security infrastructure to counter the escalating threat landscape. The scale of the challenge is significant, with 15.2 lakh (1.52 million) cyber security incidents reported in 2025 (up to November), up from 13.9 lakh in 2024.
Key Pillars of India’s Cyber Security Strategy:
Threat Monitoring & Response:
CERT-In (the nodal agency) consistently issues alerts and advisories on the latest cyber threats, totaling 1,180 advisories in 2025 (up to November).
The National Cyber Coordination Centre (NCCC) is mandated to scan threats and generate proactive security alerts for relevant organizations.
Coordination mechanisms are enhanced across stakeholders, including with specialized sector-specific CERTs (e.g., Finance, Power).
Capacity Building & Legal Framework:
The Cyber Surakshit Bharat Initiative is underway, having trained over 3,000 Chief Information Security Officers (CISOs) and IT professionals across 20 States/UTs.
The Digital India Act (DIA), currently proposed, is set to provide updated legal provisions for mandatory reporting of cybersecurity incidents and reinforcing breach notification protocols.
India maintains bilateral engagement with 27 countries for sharing cyber threat information.
Policy Relevance
The sustained focus on issuing high volumes of advisories and investing in the Cyber Surakshit Bharat Initiative is critical to institutional resilience. This multilayered strategy, anchored by CERT-In and supported by the forthcoming Digital India Act, is necessary to safeguard India’s rapidly expanding digital economy and critical infrastructure against the escalating volume and sophistication of cyber threats.
What is CERT-In?→ CERT-In, or the Indian Computer Emergency Response Team, is the national nodal agency under the Ministry of Electronics & IT (MeitY) responsible for coordinating and issuing alerts related to cybersecurity incidents across India. Established under the Information Technology Act, 2000, its primary function is to collect, analyze, and disseminate information on cyber incidents and respond to emergency situations.
Relevant Question for Policy Stakeholders: When can the industry expect the final passage of the Digital India Act to provide clearer legal backing for breach reporting and cybercrime penalties?
Follow the full news here: CYBER SECURITY INFRASTRUCTURE