News Do VPN providers have to store web activity logs of users? Yes and No The government's clarification has added to the uncertainty. Sarvesh MathiMay 20, 2022
News FAQs on cybersecurity directive adds fresh concerns The response by MeitY does not quell concerns raised by privacy advocates. Sarvesh MathiMay 19, 2022
News Companies can use own time source but there’s a caveat There are still aspects of time sync that the government hasn't clarified. Sarvesh MathiMay 18, 2022
News Cybersecurity directive applies to foreign companies as well, IT Ministry clarifies It also elaborated on what type of logs should be kept. Sarvesh MathiMay 18, 2022
News Corporate VPNs not subject to cybersecurity directive, govt clarifies The rules around VPNs had drawn more negative attention. Sarvesh MathiMay 18, 2022
News India’s cybersecurity directive goes against security, tech companies argue ITI has asked the Indian government to withdraw its recent cybersecurity directive and have fresh stakeholder consultations. Sarvesh MathiMay 9, 2022
News Why India should not (yet) mandate companies to adopt a specific time source 'What CERT-In is asking companies to do has no meaning' Sarvesh MathiMay 6, 2022
News VPN providers call India’s new rules worse than China, Russia Here's how each of them responded to questions on the impact of the cybersecurity directive. Sarvesh MathiMay 6, 2022
News Why India’s new cybersecurity directive is a bad joke Cybersecurity experts don't hold back on the potential dangers of the new directive that goes into effect from June-end. Sarvesh MathiMay 5, 2022
News CERT-In wants cybersecurity incidents reported within 6 hours The agency has also expanded the types of cyber attacks that must be reported. Sarvesh MathiApril 29, 2022