In the recent gazette notifications, Government of India has added two Airport terminals namely Delhi International Airports Ltd and GMR Hyderabad International Airports as part of “Protected Systems” under section 70B of ITA 2000.
Additionally following entities have also been declared Protected systems in different categories.
4.Tamilnadu Mercantile Bank Ltd
6.Government of India e Market place
The implications of this declaration for the organizations is that they are now under direct control of CERT IN for their information security management. Their IS policy needs to be approved by CERT In and a representative of CERT In should in in the IS Governance committee.
For the employees and public it is necessary to consider that any “Attempt” to access such systems outside the permitted mode will be considered as a cognizable offence with an imprisonment of 7 years.
Being declared a “Protected System” is not a feather in the cap of the institutions. It is more an admission that they cannot be relied upon to handle their Cyber Security and needs close supervision.
In a way it indicates that their IS management system is “Sick” and needs oversight from a National security agency. It is surprising to see small Banks like Bandhan Bank in this list.
Naavi
