CERT-In has issued new cybersecurity guidelines that will require technology vendors to adopt AI-assisted security testing, disclose critical vulnerabilities immediately, and significantly accelerate patch deployment across India's digital ecosystem.
The framework applies to OEMs, software vendors, cloud service providers, managed service providers, and other technology suppliers operating in the country. The move comes as cyber threats increasingly evolve with artificial intelligence, enabling attackers to identify vulnerabilities faster, automate reconnaissance, and scale exploitation with greater precision.
"The direction CERT-In has taken reflects what those of us in the cybersecurity industry have been seeing on the ground for a while now. Attackers are not waiting for vendors to get their house in order," said Sunil Sharma, managing director and vice president-sales (India & Saarc) at Sophos. "This advisory solves the immediate problem well, faster patching and real visibility into what organisations are running is exactly what's needed against AI-accelerated attacks," said Atul Arya, founder and CEO of Blackstraw.AI.
Supply Chain Security Focus
A key focus of the framework is supply-chain security. Vendors will need to maintain detailed inventories of software, hardware, cryptographic tools, AI components, and third-party dependencies, aimed at improving visibility across complex enterprise systems.
Get the latest business news and top stories. Download the TOI App. Ready to Make a Smarter Property Decision? Build Your Legacy with TOI Homes.
