The Computer Emergency Response Team- India (CERT-IN) on 27th June issued a notification announcing a partial extension on the deadline for complying with its controversial Cybersecurity Directions. According to the notification, Micro, Small & Medium Enterprises (MSMEs) will now get time until 25th September 2022 to comply with the directions. To be sure, such entities would have to be covered under the criteria laid out for the same by the Ministry of Micro, Small & Medium Enterprises, the notification says. Further, the notification also announces an extension on compliance for the directions' requirement for Cloud Services Providers (CSP), Virtual Network Providers (VPN), etc. to maintain validated details of their customers. They would also have to comply by 25th September. During an industry stakeholder meeting conducted on the directions, on 10th June, representatives had asked the Ministry for Electronics and Information Technology (MeitY) to provide more clarity on the requirement for CSP, VPNs and others to validate details of their customers, adding that they did not have the capacity to conduct such validation. To this, the ministry had said that they would look for a solution on the same. Representatives of Small and Medium Enterprises had also raised their concerns during this meeting about the lack of capacity for complying with the directions, to which Rajeev Chandrasekhar Minister of State (MoS) for MeitY had asked SME's to submit a recommendation for a compliance period that could help them build capacity to comply with the directions, so the ministry could then consider…
