MeitY tells ministries to tighten AI cyber defences, issue OEM guidelines

Krishnan-urged-to-implement-the-blueprint-s-recomm_1782561414370

MeitY Directs Ministries to Enhance AI Cybersecurity Measures

MeitY tells ministries to tighten AI cyber – India’s Ministry of Electronics and Information Technology (MeitY) has issued a directive to federal ministries, state governments, and regulatory bodies, urging them to tighten their AI-driven cybersecurity defenses. The move, part of a broader strategy to address the escalating risks posed by AI technologies, mandates that all departments review and update their existing protocols to align with the latest guidelines from the Indian Computer Emergency Response Team Coordination Centre (CERT-In). This directive emphasizes the urgent need for organizations to adapt to the rapidly evolving threat landscape, where AI-powered cyberattacks are becoming more sophisticated and frequent. The focus keyword, ‘MeitY tells ministries to tighten,’ is central to the initiative, which aims to ensure robust digital security across the country’s critical infrastructure and public services.

Escalating Threats and the Need for Proactive Measures

According to a June 10 letter released by the Hindustantimes, MeitY secretary Krishnan highlighted the transformative impact of AI on cybersecurity. He pointed out that the rapid spread of AI technologies, such as generative models and automated tools, is fundamentally altering the way cyber threats are generated and executed. This shift has prompted MeitY to issue new guidelines that require ministries to evaluate their cybersecurity frameworks and integrate CERT-In’s recommendations to combat emerging vulnerabilities. The directive comes as AI is increasingly used by malicious actors to bypass traditional security measures, making it imperative for institutions to adopt more agile and intelligent defenses. By tightening AI cyber defenses, the government aims to mitigate risks such as data breaches, system takeovers, and disruption of critical services.

The rapid expansion of AI, including generative models and automated systems, is reshaping the cybersecurity landscape.

Krishnan’s letter also underscores the importance of preparing technology suppliers and original equipment manufacturers (OEMs) to meet the heightened security demands. CERT-In’s May 25 blueprint outlines specific strategies to address vulnerabilities in digital infrastructure caused by AI. The blueprint calls for ongoing exposure management, real-time monitoring, and rapid response protocols, moving away from conventional security evaluations that may no longer be sufficient. This approach ensures that organizations can detect and neutralize threats in their early stages, rather than waiting for them to escalate. The inclusion of OEMs in these guidelines reflects the government’s recognition of the role these entities play in maintaining the security of the systems they provide to public and private sectors.

Strict Deadlines for Vulnerability Resolution

As part of the updated cybersecurity guidelines, CERT-In has introduced stringent deadlines for resolving security flaws. The guidelines stipulate that known exploited vulnerabilities in internet-facing systems must be fixed within 12 hours, while critical ‘crown-jewel’ infrastructure requires even faster action—within 24 hours. This urgent timeline ensures that the most pressing threats are addressed promptly, minimizing the window of opportunity for cybercriminals to exploit weaknesses. The directive also mandates that OEMs perform regular security audits, maintain detailed records of software components, and swiftly disclose any critical vulnerabilities they identify. By implementing these measures, the government seeks to create a more transparent and responsive cybersecurity ecosystem, where threats are identified, prioritized, and resolved in real time.

The emphasis on tightening AI cyber defenses is not just a reactive measure but a proactive step to future-proof India’s digital systems. With AI technologies capable of automating attacks and adapting to defenses in real time, the risk of persistent threats has grown exponentially. The new guidelines aim to equip ministries and OEMs with tools and protocols that allow them to stay ahead of these challenges. For instance, the use of AI in security monitoring enables faster detection of anomalies, while automated response systems can neutralize threats before they cause significant damage. By integrating these advanced techniques, the government hopes to create a more resilient cybersecurity posture, particularly in sectors that rely heavily on digital infrastructure such as finance, healthcare, and defense.

MeitY’s directive also calls for a collaborative effort between ministries, technology providers, and regulatory bodies. The involvement of institutions like the Reserve Bank of India (RBI), Securities and Exchange Board of India (SEBI), Insurance Regulatory and Development Authority of India (IRDAI), and National Bank for Agriculture and Rural Development (Nabard) highlights the cross-sectoral nature of the threat. These organizations are now required to align their cybersecurity strategies with the updated guidelines, ensuring that all critical systems are protected. The integration of AI into defense mechanisms will require continuous training and updates, as the technology evolves and new vulnerabilities emerge. By tightening AI cyber defenses, the government is not only addressing current threats but also laying the groundwork for long-term security resilience.

प्रातिक्रिया दे

आपका ईमेल पता प्रकाशित नहीं किया जाएगा. आवश्यक फ़ील्ड चिह्नित हैं *