CERT-In: India's Frontline Defender against Cyber Threats

India, Jan. 23 -- The Government of India has issued a release:

An overview of CERT-In's Key achievements of 2025

Reports & Guidelines Published in 2025

As of December 2025, CSK covers 98% of India's digital population, sending large-scale notifications on botnet and malware infections. Engaging 1,427 organisations across key sectors, it helps detect and remediate malware, while 89.55 lakh downloads of its free botnet-removal tools underscore CSK's role as a citizen-centric, preventive cybersecurity initiatives.



Key Takeaways

Introduction

India's rapid digital transformation has reshaped governance, commerce, and citizen services at an unprecedented scale. From digital payments and e-commerce to online public service delivery, digital technology has become integral to everyday life. As digital adoption accelerates, safeguarding cyberspace has emerged as a national priority.

With rising instances of online fraud, phishing, ransomware attacks, AI-driven scams, and threats to critical digital infrastructure, the need for a coordinated and resilient cybersecurity framework has never been greater. Recognising this challenge, the Government of India has put in place robust policies, institutional mechanisms, and operational capabilities to ensure a safe, trusted, and secure digital environment.

At the centre of India's cybersecurity architecture is the Indian Computer Emergency Response Team (CERT-In), operating under the Ministry of Electronics and Information Technology (MeitY) and mandated by the Information Technology Act, 2000. CERT-In provides the institutional depth for national cyber defence by overseeing incident management, enhancing systemic resilience, and promoting secure digital practices across government, industry, and society. Its work underpins the protection of India's rapidly expanding digital ecosystem and supports confidence in digital platforms and services.

In today's interconnected digital landscape, cybersecurity is no longer a purely technical concern but a foundational pillar of national security, economic stability, and public trust. The scale and complexity of digital systems demand continuous vigilance, coordinated action, and strong institutional leadership. By combining policy direction with operational readiness, CERT-In not only responds to emerging cyber threats but also anticipates risks, builds resilience, and ensures that India's digital growth remains secure, inclusive, and sustainable.

India's Expanding Digital Landscape

Over the last decade, India's digital footprint has grown exponentially. It is driven by rising internet penetration, widespread smartphone adoption, and the rapid expansion of digital public services. By 2025, internet connections in India crossed the milestone of 100 crore, reaching 100.29 crore, compared to 25.15 crore in March 2014. Average monthly data consumption per wireless data subscriber increased nearly 399 times, rising from 61.66 MB in 2014 to 24.01 GB in 2025, among the highest globally.

This strong digital foundation has enabled remarkable growth in digital payments. The Unified Payments Interface (UPI) has emerged as the central pillar of India's digital payment ecosystem. In December 2025 alone, UPI processed over 21 billion transactions valued at more than Rs.27 lakh crore. While this digital expansion has significantly enhanced convenience and inclusion, it has also widened the attack surface for cyber threats. To address these risks, the Union Budget 2025-26 allocated Rs.782 crore for cybersecurity, underscoring the government's strong focus on securing India's digital infrastructure.

In this context, CERT-In's role assumes critical importance as the cornerstone of India's cybersecurity framework. CSIRT-Fin i.e. Computer Security Incident Response Team for the Financial Sector functioning under CERT In, strengthens cybersecurity in the financial sector by enabling coordinated incident response, information sharing, and providing guidance and support for the Banking, Financial Services, and Insurance (BFSI) sector. Similarly CSIRT-Power works as an extended arm of CERT-In for fortifying the cybersecurity posture of the Power Sector by coordinating and analysing cyber incidents, acting on cyber threat intelligence from CERT-In, taking proactive containment measures based on situational awareness details provided by CERT-In, ensuring cybersecurity audits are carried out and mitigating vulnerabilities as reported by CERT-In's Cyber Swachhta Kendra (CSKs).

Core Functions of CERT-In for the National Cybersecurity

CERT-In is the national agency for cyber incident response in India. Its mandate under section 70B of the Information Technology (IT) Act 2000 includes the prevention of cyberattacks, real-time monitoring of cyber threats, and swift coordination with stakeholders to mitigate and contain cyber incidents.

Core functions of CERT-In includes:

Through sustained operational engagement and coordinated response mechanisms, CERT-In ensures rapid containment of cyber incidents and supports the restoration of affected systems across sectors. Its continuous flow of actionable intelligence and guidance enables stakeholders to strengthen preparedness, reduce systemic risk, and respond effectively to evolving threats. Together, these efforts contribute to minimising disruption, accelerating recovery, and reinforcing confidence in India's digital ecosystem.

CERT-In at the Core of India's Cyber Resilience Strategy

CERT-In continues to serve as the cornerstone of India's national cyber defence architecture through proactive threat detection, rapid incident response, and large-scale capacity building. Its achievements in 2025 reflect a sustained and systematic effort to strengthen institutional resilience, secure critical digital infrastructure, and reinforce trust in India's rapidly expanding digital ecosystem.

In 2025, CERT-In also published a comprehensive suite of reports, whitepapers, guidelines, advisories, and vulnerability notes, providing timely, actionable guidance to organisations and stakeholders for proactive cyber risk mitigation and resilience building.

CERT-In's achievements in 2025 reflect its central role in safeguarding India's rapidly expanding digital ecosystem. Through large-scale capacity building, rigorous audits, continuous awareness efforts, and the release of forward-looking guidelines and technical frameworks, CERT-In has strengthened institutional preparedness across government, industry, and society.

Institutional Frameworks anchored by CERT-In

To operationalise national cybersecurity policy and translate strategic intent into on-ground action, CERT-In anchors a set of specialised institutional frameworks. These mechanisms provide structured coordination, preventive safeguards, and rapid response capabilities across sectors, States, and citizens.

Collectively, these institutional frameworks enable a whole-of-government and whole-of-society approach to cybersecurity. By integrating prevention, preparedness, response, and recovery. It ensures that India's digital ecosystem remains resilient, adaptive, and secure amid evolving cyber threats. This layered institutional design strengthens national readiness while safeguarding critical infrastructure and citizens alike.

Global Recognition of India's Cybersecurity Leadership

CERT-In's sustained domestic efforts have increasingly resonated at the global level. Its operational scale, technology-driven approaches, and emphasis on collaborative cyber governance have positioned India as a credible and responsible stakeholder in the international cybersecurity ecosystem.

Together, these recognitions underscore CERT-In's growing influence and leadership in shaping global cybersecurity and AI risk governance. They underscore CERT-In's emerging role in shaping global discussions on cyber resilience, threat intelligence sharing, and responsible AI risk governance.

Conclusion

Amid the growing complexity and scale of cyber threats, CERT-In continues to anchor India's cybersecurity ecosystem. Through continuously identifying and mitigating cyber risks, CERT-In has significantly strengthened national cyber resilience. Its initiatives, ranging from institutional frameworks and sectoral & state CSIRTs to citizen-centric awareness programmes, demonstrate a comprehensive and forward-looking approach to securing India's ICT infrastructure and protecting users. International recognition of CERT-In's AI-driven innovations further underscores India's growing leadership in cybersecurity. Collectively, these sustained efforts reaffirm the Government of India's commitment to safeguarding cyberspace and ensuring a safe, trusted, and secure digital future for all citizens.

References

Ministry of Electronics and Information Technology

Ministry of Communications

Ministry of Home Affairs

PIB Headquarters:

the420.in

click here to see pdf

Disclaimer: Curated by HT Syndication.