How CERT-In is quietly securing a billion user digital infrastructure
July 13, 2026
  • Read Ecopy
  • Circulation
  • Advertise
  • Careers
  • About Us
  • Contact Us
Android AppiPhone AppArattai
Organiser
  • ‌
  • Bharat
    • Assam
    • Bihar
    • Chhattisgarh
    • Jharkhand
    • Maharashtra
    • View All States
  • World
    • Asia
    • Europe
    • North America
    • South America
    • Africa
    • Australia
  • Editorial
  • International
  • Opinion
  • RSS @ 100
  • More
    • Op Sindoor
    • Analysis
    • Sports
    • Defence
    • Politics
    • Business
    • Economy
    • Culture
    • Special Report
    • Sci & Tech
    • Entertainment
    • G20
    • Azadi Ka Amrit Mahotsav
    • Vocal4Local
    • Web Stories
    • Education
    • Employment
    • Books
    • Interviews
    • Travel
    • Law
    • Health
    • Obituary
  • Subscribe
    • Subscribe Print Edition
    • Subscribe Ecopy
    • Read Ecopy
  • ‌
  • Bharat
    • Assam
    • Bihar
    • Chhattisgarh
    • Jharkhand
    • Maharashtra
    • View All States
  • World
    • Asia
    • Europe
    • North America
    • South America
    • Africa
    • Australia
  • Editorial
  • International
  • Opinion
  • RSS @ 100
  • More
    • Op Sindoor
    • Analysis
    • Sports
    • Defence
    • Politics
    • Business
    • Economy
    • Culture
    • Special Report
    • Sci & Tech
    • Entertainment
    • G20
    • Azadi Ka Amrit Mahotsav
    • Vocal4Local
    • Web Stories
    • Education
    • Employment
    • Books
    • Interviews
    • Travel
    • Law
    • Health
    • Obituary
  • Subscribe
    • Subscribe Print Edition
    • Subscribe Ecopy
    • Read Ecopy
Organiser
  • Home
  • Bharat
  • World
  • Operation Sindoor
  • Editorial
  • Analysis
  • Opinion
  • Culture
  • Defence
  • International Edition
  • RSS @ 100
  • Magazine
  • Read Ecopy
Home Bharat

India Cyber Defence Architecture: How CERT-In is quietly securing a billion user digital infrastructure

India’s digital ecosystem expands at unprecedented scale, cybersecurity has emerged as a pillar of economic stability and governance. At the centre of this architecture, CERT-In has evolved into the institutional backbone securing India’s digitally dependent economy

Vivek KumarVivek Kumar
Jan 31, 2026, 11:00 pm IST
in Bharat, Analysis, Technology, Sci & Tech
Follow on Google News
Representative Image

Representative Image

FacebookTwitterWhatsAppTelegramEmail

Indian digital revolution has created one of the world’s largest connected societies, but scale has also produced vulnerability. With over 100 crore internet connections, ₹27 lakh crore in monthly UPI transactions and critical infrastructure has increasingly digitised. Cybersecurity is no longer a technical afterthought it is a matter of economic stability, governance continuity and national security. At the centre this CERT-In has become institutional backbone of India’s cyber resilience strategy.

Digital expansion and the scale of risk

Indias digital growth has been center of attraction for world over the ten years. The number of internet connections in India increased a lot from 25.15 crore in 2014 to 100.29 crore by 2025. At the time the amount of data people used every month went up nearly 400 times. Indias internet users consumed 61.66 MB of data per month in the beginning but this number jumped to 24.01 GB per user by 2025. The digital growth of India is about the internet and how people in India uses the internet. Indian internet scenario is growing fast.

India got access to financial services and other services from digital developments. It has also made India more vulnerable and towards cyber-attacks. Every time someone makes a transaction or a company moves its data to the cloud or uses an internet connected device. Indias cyber-attack surface is a problem because of all these digital transactions and internet connected devices.

The financial sector is an example of this risk. It is very clear. In December 2025 UPI processed over 21 billion transactions. These transactions were worth than ₹27 lakh crore. If there are problems with the system or if someone attacks it this can have big effects on the economy. This shows why cybersecurity is very important for the economy to be stable. That is why the Union Budget 2025–26 put aside ₹782 crore for cybersecurity. This means that digital security is now a part of the policy. The financial sector and cybersecurity are closely linked.

CERT-In: From incident response to strategic cyber governance

The Computer Emergency Response Team of India which is also known as CERT-In was set up under Section 70B of the Information Technology Act of 2000. CERT-Ins main job has changed a lot over time. It used to handle incidents after they happened but now it does a lot more. Nowadays CERT-In works as the point for India when it comes to finding out about threats coordinating between different sectors and reducing the risks that come with using computers and the internet.

In the year 2025 the Computer Emergency Response Team of India which is also known as CERT-In dealt with than 29.44 lakh cyber incidents. This is a big number and it shows that India is one of the countries that has to respond to a lot of cyber problems. The cyber incidents that CERT-In handled were of all kinds including phishing campaigns where people try to trick others into giving away information and ransomware attacks where peoples data is locked and they have to pay to get it back. There were also problems with infrastructure systems, which are like the basic systems that our country needs to function properly.

To manage this complexity, CERT-In issued 1,530 alerts, 390 vulnerability notes and 65 advisories by enabling near-real-time risk mitigation across sectors. 29 Common Vulnerabilities and Exposures (CVEs) were identified and published domestically, strengthening indigenous vulnerability research. This shift from firefighting to anticipation marks in CERT-In transition into a strategic cyber institution rather than a purely technical agency.

Sectoral cyber defence: Protecting the economic nervous system

India’s cyber threat profile is no longer uniform, it is sector-specific. Recognising this CERT-In has developed sectoral CSIRTs to protect domains where cyber disruption could cause systemic damage.

Financial Sector (CSIRT-Fin): The BFSI ecosystem faces high-frequency attacks due to transaction volumes and data sensitivity. CSIRT-Fin enables coordinated threat intelligence sharing, incident response and advisories across banks, NBFCs, insurers and payment platforms. Thus ensuring continuity of trust in India’s digital finance architecture.

Power and Energy (CSIRT-Power): Power grids are increasingly digitised and networked, making them vulnerable to cyber sabotage. CSIRT-Power functions as CERT-In extended arm, analysing threats, coordinating audits and ensuring vulnerabilities flagged by Cyber Swachhta Kendra are addressed before they translate into physical disruptions. These sector-specific frameworks signal a shift from generic cyber defence to infrastructure-grade security planning.

Audits, assurance and the institutionalisation of cyber hygiene

One of the most consequential interventions has been the institutionalisation of cybersecurity audits. In 2025, 231 cybersecurity audit organisations were empanelled, significantly expanding India assessment capacity across government and critical infrastructure

A significant proportion of CERT-In led audits concentrated on banking and financial institutions, power and energy infrastructure and transport and logistics networks. Importantly audit outcomes are not treated as standalone compliance documents. Findings are aggregated and analysed to detect systemic design vulnerabilities, informing revised guidelines and secure-by-design advisories. This structured feedback loop has enhanced cyber resilience not only at the organisational level but across entire critical sectors.

Capacity building at national scale

Cybersecurity is only as strong as the human systems operating it. In 2025, CERT-In conducted:

  • 32 specialised technical training programmes
  • 95 cybersecurity awareness sessions
  • 122 cybersecurity drills and exercises, including complex tabletop simulations

These initiatives collectively trained 20,799 officers and cybersecurity professionals across government, PSU and industry.

The drills had a lot of people involved with 1,570 organisations taking part. These organisations are from different fields, including defence, space, atomic energy, telecom, finance, power, oil and gas transport IT/ITeS and State Data Centres. This is important because it shows that everyone is working together to get ready for crises. The government wants to make sure that all of these organisations can respond quickly and work together when something bad happens with security. This is a deal because it means that the government is taking a whole of government approach to cyber security.

Cyber Swachhta Kendra: Citizen-centric cybersecurity

So security is really important for institutions. Indias cyber system also needs people to be careful with their computers and phones. The Cyber Swachhta Kendra or CSK for short is a deal because it is one of the largest efforts, in the world to prevent cyber-attacks from happening in the first place. The Cyber Swachhta Kendra is doing a lot of work to keep the cyber system safe.

By December 2025 CSK had covered all of Indias digital population. They worked with a lot of organisations around 1,427 across different sectors. The CSK systems for detecting botnet and malware were really good at sending out alerts to users who had been compromised. This helped a lot of people. In fact the CSK malware removal tool was downloaded around 89.55 lakh times, which shows that many people in the public were using it. The CSK is clearly doing a job, at helping people with malware and botnet problems.

Unlike enforcement-driven models CSK focuses on voluntary remediation and awareness, aligning cybersecurity with India’s participatory governance ethos

Policy frameworks for emerging technologies

ERT-Ins 2025 outputs show that they are really looking at what the future might hold. They want to be ready for the things that could happen tomorrow. Of just dealing with the old threats they made new rules to handle the new kinds of risks that are coming up. CERT-In is focusing on these next-generation risks. Trying to stay one step ahead. The new policy frameworks from CERT-In are all about getting ready for what’s coming next.

  • SBOM, QBOM, CBOM, HBOM and AIBOM guidelines, creating transparency across software, hardware, cryptography and AI supply chains
  • Quantum Cyber Readiness White Paper, preparing institutions for post-quantum cryptographic threats
  • Ransomware and BFSI Digital Threat Reports, offering sector-specific intelligence
  • Guidelines for smart cities, satellite communications, UAS security and MSMEs

These documents are helping India to get ready for problems before they happen so India does not have to wait for a crisis to happen and then try to fix it. This way India is moving towards being prepared. The country will not have to depend so much on trying to solve problems after they have already happened. The documents are really important for India to have a system and India is trying to make sure that the country is ready, for anything that might happen instead of just waiting for something bad to happen and then trying to deal with it. These documents are a part of Indias plan to be more prepared and to reduce the need for India to react to crises all the time.

Also Read: Sunetra Pawar set to become Maharashtra’s first woman Deputy Chief Minister after the demise of her husband Ajit Pawar

Command, coordination and crisis management

CERT-In also anchors a multi-layered national coordination framework. This includes the National Cyber Coordination Centre for metadata level situational awareness, State and Sectoral CSIRT enabling decentralised and rapid response. The Cyber Crisis Management Plan ensures continuity of essential services during major incidents. Such an integrated architecture allows India to absorb cyber shocks without cascading systemic failure, an indispensable capability for a digitally dependent economy.

Global recognition and strategic credibility

The policy maturity and the operational scale of CERT-In have gradually attracted the world to take notice of it. Its work has been part of the World Economic Forum Global Cybersecurity Outlook in 2025 on AI-driven threat detection, the Oxford-WEF Cyber Resilience Compass in areas of global resilience and France in it co-signed AI risk governance report. These recognitions underscore the shift of India as a cyber consumer to a norm-shaper in the world digital governance structures.

Cybersecurity as sovereign infrastructure

The cyberspace security in India is in a decisive stage. The finance systems, the governance system, the energy system and the trust of the people are now being supported by digital systems, cyber defence has now become a sovereign infrastructure.

The performance of CERT-In of 2025 in terms of millions of incidents addressed, thousands of audit and alert messages and country wide coverage of citizens signifies that India is not only developing digital capacity but also digital resilience.  The increasing complexity and use of AI in cyber threats argues can be seen in India, where scale, coordination and policy foresight is the real engine of national cybersecurity.

Topics: IndiaTechnologycyber crimeCERT-InDigital revolution
ShareTweetSendShareSend
✮ Subscribe Organiser YouTube Channel. ✮
✮ Join Organiser's WhatsApp channel for Nationalist views beyond the news. ✮
Previous News

Karnataka: Villagers cry foul as Shadi Mahal rises on alleged government school land in Madikeri

Next News

Union Budget 2026: Tax relief, AI push and capex boost top industry wishlist ahead of Sitharaman’s ninth budget

Related News

Commerce and Industry Minister Piyush Goyal

Fact Check: Piyush Goyal rejects Reuters report on India-US trade deal as “false & misleading”; Reaffirms balanced pact

Great Nicobar is emerging as a strategic gateway that strengthens India's maritime reach while increasing pressure on China's Malacca Dilemma

Great Nicobar Project to boost India’s Indo-Pacific leverage, deepen China’s Malacca Dilemma: Report

PM Modi's Gifts to Albanese Blend India's Ancient Craft, Modern Music and Premium Coffee

From Dhokra Sculpture to Colonial Cousins Vinyl: PM Modi’s gifts to Australian PM Albanese showcases cultural heritage

Prime Minister Narendra Modi and New Zealand Prime Minister Christopher Luxon

India-New Zealand Strategic Partnership: A new horizon for New Delhi’s economic diplomacy

Economic resilience of India amid West Asia crisis

Bharat’s Data Centre Moment: From digital consumer to trusted technology power

Load More

Latest News

Prime Minister Narendra Modi (Left) and Indonesian President Prabowo Subianto (Right)

PM Modi’s Indonesia Visit: Threads from the past, transformation for future

PoJK: Uprising against continued colonisation

Delhi Riots 2020

Delhi Riots 2020: Former AAP Councillor Tahir Hussain & four others convicted for murdering IB Officer Ankit Sharma

500-year-old murti recovered from Bay Of Bengal after fishermen find it in fishing net

500-year-old murti recovered from Bay of Bengal by fishermen; Authorities probe origin & possible smuggling link

Commerce and Industry Minister Piyush Goyal

Fact Check: Piyush Goyal rejects Reuters report on India-US trade deal as “false & misleading”; Reaffirms balanced pact

Representative Image

West Bengal: 48 girls, including minors, rescued from Islampur red-light area in major anti-trafficking crackdown

Great Nicobar is emerging as a strategic gateway that strengthens India's maritime reach while increasing pressure on China's Malacca Dilemma

Great Nicobar Project to boost India’s Indo-Pacific leverage, deepen China’s Malacca Dilemma: Report

PM POSHAN

PM POSHAN Scheme: Yogi government launches massive drive to recruit 3.53 lakh cooks in Uttar Pradesh

Uttar Pradesh: US national claiming special forces past held near Indo-Nepal border without passport

Rajaprasad Bije Ritual: Servitors Convey Mahaprabhu's Recovery Message to Gajapati Maharaja Divya Singh Dev

Odisha: Rajaprasad Bije ritual held at Puri Jagannath Temple; Gajapati Maharaja informed of Mahaprabhu’s recovery

Load More
  • Privacy
  • Terms
  • Cookie Policy
  • Refund and Cancellation
  • Delivery and Shipping

© Bharat Prakashan (Delhi) Limited.
Tech-enabled by Ananthapuri Technologies

  • Home
  • Search Organiser
  • Bharat
    • Assam
    • Bihar
    • Chhattisgarh
    • Jharkhand
    • Maharashtra
    • View All States
  • World
    • Asia
    • Africa
    • North America
    • South America
    • Europe
    • Australia
  • Editorial
  • Operation Sindoor
  • Opinion
  • Analysis
  • Defence
  • Culture
  • Sports
  • Business
  • RSS @ 100
  • Entertainment
  • More ..
    • Sci & Tech
    • Vocal4Local
    • Special Report
    • Education
    • Employment
    • Books
    • Interviews
    • Travel
    • Health
    • Politics
    • Law
    • Economy
    • Obituary
  • Subscribe Magazine
  • Read Ecopy
  • Advertise
  • Circulation
  • Careers
  • About Us
  • Contact Us
  • Policies & Terms
    • Privacy Policy
    • Cookie Policy
    • Refund and Cancellation
    • Terms of Use

© Bharat Prakashan (Delhi) Limited.
Tech-enabled by Ananthapuri Technologies