profile-img

Security

Home  »     »  Security

Security


NIC-CERT Division is the nodal arm of National Informatics Centre (NIC) for managing the cyber security incidents. NIC-CERT acts as a single point of contact and co-ordinate with concerned stakeholders for cyber security incidents targeted at NIC Infrastructure. It undertakes measures to issue periodic threat intelligence, Security Alerts/ Tips and advisories to safeguard NIC’s assets against cyber threats.

NIC-CERT strives to facilitate a safer and secure cyber space environment for users of NIC services, by providing timely cyber threat intelligence, advisory and best practices; to proactively ward off malicious attacks / threats targeted at the National Informatics Centre. NIC-CERT was established with the mission of collectively leading and coordinating the cyber security incident response and to strengthen the cyber security posture of NIC.


The core mission activities of NIC-CERT include:

  • To co-ordinate and respond to Cyber Security incidents happening in NIC
  • To provide Intelligence or advisory on the prevailing Cyber Threats and vulnerabilities, for proactively securing NIC’s network and assets
  • To co-ordinate with CERT-IN, NCIIPC and other stakeholders for Cyber Security Incident and other security related activities
  • To Establish and Maintain a centralized Log Management system for NIC
  • To Maintain a Knowledge base of Cyber Security Incidents handled by NIC-CERT
  • To undertake capacity building activities to augment in-house cyber capability, skills and expertise

Network Security

The Network Security Division is in relentless pursuit of achieving CIA (Confidentiality, Integrity, and Availability) of ICT assets in NICNET through deployment of expert manpower, appropriate tools, and state-of-the-art technologies.

The Network Security Division (NSD) of NIC is engaged in assessment, planning, deployment and management of security devices and solutions across the NICNET in general and the Data Centres in particular. The NSD conducts Security Audit of Data Centres and Bhawan Networks on regular basis and on demand. The security span of NSD comprises of all National and State Data Centres, over 1000 LANs of Govt. offices and MPLS networks, more than 2 Lakh endpoints and a series of networking devices deployed across the country. The Network Security Division manages the 24×7 Security Monitoring Centre to ensure real time monitoring, detection, prevention, analysis and reporting of Cyber threats and attacks.

Application Security

NIC is formulating and updating the Security Policies for NICNET as and when required. Security Audit of Web Applications / Websites, Penetration Testing and Vulnerability Analysis, SSL compliance testing, Version Detection for application hosting environment with infrastructure compliance checks are also done as per user requirement. Critical Web applications are secured through Web Application Firewall (WAF) to counter Application layer threat, Management and administration of deployed WAF solutions configuration of critical sites including CMF (Drupal) based portals, WAF service support at NIU Hyderabad for non-compliant web applications and 24×7 monitoring service. The center provides Incident Handling and Malware Analysis, Sanitization of security controls based on analysis results and Issuing advisories to NICNET users.

For more details please visit https://nic-cert.nic.in/index.jsp

error: Content is protected !!