A Basic Introduction: What Is NCIIP?
The National Critical Information Infrastructure Protection Centre (NCIIPC), as its name suggests, is an organization in India that is designed to protect India’s most sensitive data and information. It was established on the 16th of January 2014 under Section 70A of the IT Act 2000. The reason for its establishment was to promote secure and efficient data handling techniques in order to prevent cyber-attacks.
According to Wikipedia, “it is designated as the National Nodal Agency in terms of Critical Information Infrastructure Protection,” and it is based in New Delhi. The NCIIP is a unit of the government’s National Technical Research Organisation, and PMO oversees it as it falls under the purview of the Prime Minister’s Office.
|16th January, 2014
|New Delhi, Delhi
|Navin Kumar Singh, Director General
|National Technical Research Organisation
What Comes in NCIIP’s Critical Information Infrastructure
The IT Act, 2000 defines CII (Critical Information Infrastructure) as follows: “those computer resources, the incapacitation or destruction of which, shall have a debilitating impact on national security, economy, public health or safety.”
Critical infrastructure is defined by the Information Technology Act, 2000 as any aspect of the nation’s security, economy, health, or safety that would be severely harmed if it was to be destroyed.
NCIIPC has identified these sectors as being “critical” to their operation:
- Banking, Financial Services & Insurance
- Power & Energy
- Strategic & Public Enterprises
- Vision and Mission of NCIIPC
The vision of NCIIP is to provide a secure and resilient network for all types of critical sectors mentioned in the above section.
The National Cybersecurity and Infrastructure Protection Policy were created with the objective of taking all necessary measures to ensure all critical IT infrastructures are well protected. This includes things like protecting against unauthorized access, use, modification, disruption, disclosure & disruption by developing a cooperative system with synergistic security & protection.
Functions and Duties
- One of the most important duties of NCIIP is to take all measures to protect India’s critical informational infrastructure.
- NCIIP provides advice & assistance to sectors and organizations included in CII on how they can minimize the risk of their networks and data systems being compromised by cyber warfare, cyber terrorism, and other threats.
- It has to identify all CII elements for approval by the required government for the notifying the same,
- The NCIIP needs to provide leadership in the fight against cyber security threats across government departments whenever any critical information infrastructure poses a risk of it.
- The National Critical Information Infrastructure Protection Centre has to produce plans to protect CII systems. Their responsibility is threefold-to monitor, collect, share, coordinate, forecast, and analyze. The NCIIP also provides expertise to share in order to have an early warning system in case of a cyber-attack.
- It will help in developing appropriate plans, understanding standards, using best practices, and improving procurement processes for Critical Information Infrastructure Protection.
- One of the main objectives of NCCIPC is to create protection tactics, formulate policies, assessment of vulnerabilities, and then creation and implantation the plan for the protection of CII.
- It has to carry out R&D and allied activities and provide funds for the creation, collaboration, and development of next-gen technologies to enhance knowledge and skills while working with public sector organizations and international partners to protect CII.
- The National Critical Information Infrastructure Protection Center (NCIIPC) also develops and organizes awareness and training programs and develops and nurtures certification and audit agencies for critical information infrastructures protection.
- The Implementation of international and national cooperation efforts for Critical Information Infrastructure Protection.
- It issues guidelines, advisories, and suggestions for dealing with cyber-attacks on the CII. It also consults with stakeholders on protection methods and coordinates closely with Indian Computer Emergency Response Team and other bodies to come up with good prevention procedures.
- It regularly looks to share any information that it has about security vulnerabilities or attacks with Indian Computer Emergency Response Team and other organizations.
- The National Critical Information Infrastructure Protection Centre helps critical information infrastructure whenever it faces any threat. It might also ask for information and give directions to the sectors or people with an important impact on the situation of Critical Information Infrastructure.
What Are Operations of NCIIPC?
As stated, NCIIPC maintains several important things regarding the cyber safety of critical information infrastructure. Here are some important operations of NCIIPC:
- The ICIIP maintains a 24×7 help desk to report incidents. The toll-free number is 1800-11-4430
- NCIIPC releases advisories, alerts, and guidance with its team of experts to help protect against threats to critical information infrastructure.
- When a country is under threat, it is important to coordinate the response of different organizations include the government and CERT-India and NCIIPC has to operate all this.