Government strengthens cyber security measures to combat ransomware and cross-border threats
New Delhi, December 17
The Government of India continues to implement a series of strategic initiatives to strengthen the security of the national cyber ecosystem. These measures focus on protecting digital infrastructure against ransomware and cross-border cybercrimes to ensure a safe and accountable cyberspace. According to a Ministry of Electronics & IT press release, the government remains vigilant regarding threats to the digital landscape and works through specialized agencies to safeguard critical sectors.
The Indian Computer Emergency Response Team (CERT-In) and the National Critical Information Infrastructure Protection Centre (NCIIPC) lead these efforts. These organizations monitor incidents and support the restoration of services while conducting regular security audits under the Information Technology Act.
In July 2025, CERT-In issued Comprehensive Cyber Security Audit Policy Guidelines to ensure consistent and effective audits across all sectors, including critical infrastructure. Under these rules, audits occur at least once a year with the support of 231 empanelled security auditing organizations.
As the national agency for incident response, CERT-In issues regular alerts and advisories about new threats, including those involving malicious uses of artificial intelligence. It provides remedial measures to affected organizations and manages an automated threat intelligence exchange platform for proactive mitigation.
Additionally, the government conducts cyber security mock drills to assess the preparedness of various institutions. Sector-specific teams, such as CSIRT-Fin for finance and CSIRT-Power for the energy sector, monitor and respond to incidents within their respective areas.
The National Informatics Centre also carries out annual audits of central ministries, states, and national data centers. These efforts include the deployment of endpoint protection solutions and the removal of legacy systems from the network. The government utilizes 24-hour monitoring and advanced security tools to detect threats.
To reduce dependence on foreign technology, the Centre for Development of Advanced Computing develops indigenous cybersecurity tools. Furthermore, the Cyber Crisis Management Plan provides a framework for all government bodies to counter attacks and coordinate recovery efforts.
To expand the cybersecurity talent pool, the government introduced the Information Security Education & Awareness program and a dedicated awareness website. In September 2024, CERT-In launched the Certified Security Professional in Artificial Intelligence program to train professionals in securing AI systems.
For the public, the Cyber Swachhta Kendra operates as a botnet cleaning and malware analysis center. This facility helps citizens detect malicious programs and provides free tools for their removal. Union Minister of State for Electronics and Information Technology Jitin Prasada submitted this information in the Lok Sabha on December 17, 2025.
— ANI
Reader Comments
Good initiative, but implementation is key. We hear about data breaches too often. I hope these audits are truly rigorous and not just a box-ticking exercise. The public awareness website is a great idea—common people need to know how to stay safe.
Cross-border cyber threats are a real concern. It's high time we have a robust defense. The sector-specific teams for finance and power make sense—these are critical. Hope they are well-funded and staffed with the best talent.
The focus on AI security training is forward-thinking. As AI gets integrated everywhere, securing it is paramount. The Certified Security Professional in AI program could be a model for other countries. Good to see India taking a lead.
Cyber Swachhta Kendra is a fantastic public service, like a digital *safai abhiyan*. My father's computer was infected last month, and their free tool helped clean it. More people should know about it. Awareness is half the battle.
While the policy framework seems comprehensive, I have a respectful criticism. The article mentions 231 empanelled auditing firms. How is their quality controlled? A weak audit by one firm can compromise an entire sector's security. Transparency in their selection and performance review is crucial.
A We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.