Sanjay Prakash Sahoo asked: Is there a CERT kind of an approved framework to neutralise cyber threats to our nuclear reactors?

Munish Sharma replies: The Indian Computer Emergency Response Team (CERT-In) is the national nodal agency to respond to the cyber security incidents. However, nuclear installations are part of India's critical infrastructure. A nodal agency, National Critical Information Infrastructure Protection Centre (NCIIPC), designated by Section 70A of the IT (Amendment) Act, 2008 was established in 2014 to augment the protection of critical information infrastructure in India. The agency is tasked with the protection of critical information infrastructure from unauthorised access, modification, use, disclosure, disruption, incapacitation or distraction. The aspects of cyber security in nuclear installations are under the purview of NCIIPC. Both Cert-In and NCIIPC work in close coordination with each other, as well as with the organisations/ departments/ facilities identified as critical infrastructure.

(Posted on December 15, 2016)