CERT-In’s 12-Hour Patching Mandate: Strengthening India’s Cyber Resilience against AI-Driven Threats
GS3
CERT-In has issued a new framework requiring organizations to patch critical vulnerabilities within 12 hours to counter the rapid weaponization of software flaws by AI-enabled threat actors.
The Indian Computer Emergency Response Team (CERT-In) has released a comprehensive 38-page cybersecurity framework that significantly tightens the response time for critical vulnerabilities. Organizations are now required to patch or isolate exploited internet-facing flaws within a 12-hour window. This directive marks a strategic shift in India’s cybersecurity posture, moving from periodic assessments to a model of continuous exposure management.
The primary driver behind this stringent mandate is the emergence of Artificial Intelligence (AI) in the hands of threat actors. AI-enabled tools have drastically reduced the time required for hackers to weaponize software vulnerabilities. Previously, organizations might have had days or weeks to respond; however, AI can now automate the discovery and exploitation of flaws almost as soon as they are disclosed. This 'compressed exploit timeline' necessitates a near-instantaneous defense mechanism to protect critical digital infrastructure.
Continue reading — free with login
JeetoBharat publishes daily UPSC current affairs mapped to the Mains syllabus. Log in to read full articles.
Log in to read full articleNo credit card required. Free registered users get unlimited access.
This article was curated using AI. While we strive for accuracy, please verify critical facts from official sources.