New Delhi: India witnessed a sharp rise in cybersecurity incidents over the past five years, with 1,592,917 cases reported in 2023, according to data presented by Minister of State for Electronics and Information Technology Jitin Prasada in the Lok Sabha. The statistics, compiled by the Indian Computer Emergency Response Team (CERT-In), indicate a nearly fourfold increase since 2019 when 394,499 incidents were recorded.
Incidents targeting government organizations also surged, from 85,797 in 2019 to 204,844 in 2023. The spike in these cases, particularly in 2022 and 2023, underscores the growing sophistication and frequency of cyberattacks on critical public sector infrastructure.

Measures to Strengthen Cybersecurity
To address the increasing volume and complexity of cyber threats, the government has implemented a robust strategy comprising key measures:
- Appointment of CISOs: All Central Ministries, Departments, and States/UTs are mandated to appoint Chief Information Security Officers (CISOs) for focused oversight on cybersecurity.
- NCIIPC for Critical Infrastructure: The National Critical Information Infrastructure Protection Centre (NCIIPC) safeguards critical systems, providing threat intelligence, situational awareness, and alerts.
- National Cyber Coordination Centre (NCCC): This centre monitors cyberspace, detects threats, and facilitates inter-agency coordination to mitigate risks.
- Cyber Crisis Management Plan: CERT-In has formulated a plan to guide government entities and critical sectors in countering cyberattacks and cyber terrorism.
- Cyber Swachhta Kendra (CSK): This botnet and malware cleaning centre offers tools to detect and remove malicious programs while promoting cybersecurity best practices.
- CSIRT-Fin for Financial Sector: A specialized response team for financial institutions to address cybersecurity incidents.
- Cybersecurity Directions: In April 2022, CERT-In issued guidelines under Section 70B of the IT Act, 2000, to ensure safer internet practices.
- Guidelines for Government Entities: In June 2023, CERT-In outlined practices covering data security, network security, incident management, and auditing for government organizations.
- Secure Application Development Guidelines: Released in September 2023, these guidelines focus on secure design, development, and implementation of applications.
- Software Bill of Materials (SBOM): Introduced in October 2024, these guidelines help organizations track software components to identify vulnerabilities.
- Advisory for Digital Data Security: In November 2023, CERT-In issued recommendations to enhance security for entities processing sensitive personal data.
- Regular Alerts and Advisories: CERT-In provides ongoing updates on emerging threats, vulnerabilities, and mitigation measures for public awareness.
- Automated Threat Intelligence Platform: CERT-In operates a platform for collecting and sharing tailored cyber threat alerts across sectors for proactive mitigation.
- Security Auditors: CERT-In has empanelled 155 organizations to audit and ensure adherence to cybersecurity best practices.
- International Coordination: CERT-In collaborates with global CERTs, service providers, and law enforcement agencies to address cybersecurity challenges.
- Cybersecurity Mock Drills: Regular drills are conducted to assess preparedness and enhance resilience in critical and government sectors.
- NIC’s Role in e-Governance Security: The National Informatics Centre supports government bodies with secure IT solutions, adhering to stringent information security policies.
With the volume of cyber threats increasing every year, the government’s proactive approach aims to build a secure digital environment for the public and private sectors. By fostering collaboration, enhancing threat intelligence, and promoting awareness, India is striving to safeguard its critical infrastructure and citizens from evolving cyber risks.
Discussion about this post