Department of Telecommunications vide notification dated 21st November, 2024 has issued the Telecommunications (Telecom Cyber Security) Rules, 2024. Every telecommunication entity shall implement the following measures to ensure telecom cyber security, namely :—
- Adopt a telecom cyber security policy.
- Inform the Central Government on adoption of the policy.
- Identify and reduce the risks of security incidents and ensure timely responses to such incidents.
- Take appropriate action for addressing security incidents, and mitigate their impact.
- Ensure implementation of directions and standards issued by the Central Government on telecom cyber security.
- Conduct periodic telecom cyber security audits of its network to assess resilience to threats on telecom cyber security through its own mechanisms and through the certified agency in such intervals as may be specified by the Central Government on the portal, and share the audit report with the Central Government, which may undertake further audits if so required.
- Report security incidents to the Central Government, or any officer authorised in this behalf by the Central Government, and measures taken to address such incidents.
- Establish facilities such as Security Operations Centre (SOC), by itself or in collaboration with other telecommunication entities, within the time period as may be specified by the Central Government.
