The Indian government directs organizations to report security breaches to CERTIn within 6 hours

Incident types that fall within the scope include, but are not limited to, critical system compromise, target scanning, unauthorized computer and social media account access, website defacing, malware deployments, identity theft, DDoS attacks, leaks and Data leaks, unauthorized mobile devices.

Applications and attacks on servers and network devices such as routers and IoT devices. Investigation and coordination after legal process.

The instructions also direct interested organizations to synchronize ICT system clocks with the National Center for Computing (NIC) or National Physical Laboratory (NPL) Network Time Protocol (NTP) server to keep system logs for a renewable period of 180 days and to require VPN service providers to retain information such as names, addresses, phone numbers,
emails, and IP addresses of subscribers for at least five years