Government extends deadline to comply with new cybersecurity rules

The Computer Emergency Response Team (CERT-In) has extended the deadline for the new cyber security directives that mandate virtual private network providers to store customer data for up to five years, giving them and micro, small & medium enterprises (MSMEs) time until September 25 to implement the rules.

The rules, issued on April 28, were slated to kick into effect on June 26, sixty days after they were issued. In an order issued on June 27, CERT noted that MSME sought "reasonable time for generating capacity building required for implementation of these Directions".