What is critical information infrastructure?
The Information Technology Act of 2000 defines CIC specifically. It defines CIC as a laptop resource whose incapacity or destruction has a crippling effect on national security, economics, public fitness, or safety. Its primary goal is to protect virtual assets. Under the Act, the government has the authority to designate any data, database, IT community, or communications infrastructure as CII. Anyone who gains access to or attempts to get access to a restricted device in contravention of the rule faces a jail sentence of up to 10 years.
Why is CII class and safety required?
- IT assets form the backbone of countless critical functions in a country’s infrastructure.
- Disruptions will have a cascade effect across sectors due to their interconnection.
- What prompted the formation of the CIC class?
- In 2007, a wave of denial-of-service attacks, purportedly from Russian IP addresses, targeted important Estonian banks, gov organizations- ministries and parliament – and media sites.
- It evolved into cyber hostility of a sort that the sector had previously not seen.
- For over three weeks, the attacks wreaked havoc in one of the world’s most networked countries.
Recent instances of CIC incapacity
As India battled the epidemic in October 2020, the electrical grid supply to Mumbai abruptly ceased. It impacted the hospitals, railways, and businesses of the megacity. Later, a look with the help of a US organization stated that the electricity outage was caused by a cyber-attack, purportedly by a China-connected outfit. The authorities, on the other hand, were quick to deny any cyber assault in Mumbai. However, potential cannot be ignored. The event highlighted the possibility of antagonistic country and non-country actors examining internet-based critical institutions in many countries, as well as the necessity to sustain such assets.
In India, how are CIIs covered?
The National Critical Information Infrastructure Protection Centre (NCIIPC), established in January 2014, serves as the nodal agency. It will go to any length to protect the country’s vital statistical infrastructure. It is mandated to protect CIIs against “unauthorized access, modification, usage, disclosure, interruption, incapacity, or distraction.” NCIIPC monitors and anticipates national-level risks to CII for coverage recommendations, know-how exchange, and situational awareness for early warning or alerts.
Disclaimer: The views expressed above are for informational purposes only based on industry reports and related news stories. PropertyPistol does not guarantee the accuracy, completeness, or reliability of the information and shall not be held responsible for any action taken based on the published information.
