TELECOM CYBERSECURITY RULES

Last Updated on 25th November, 2024
4 minutes, 3 seconds

Description

Copyright infringement not intended

Picture Courtesy: THE HINDU

Context:

The government has issued telecom cyber security guidelines to protect India's communication networks and services.

About the Telecom Cyber Security Rules 2024

The Ministry of Communications has issued the Telecom Cyber Security Rules, 2024 to protect communication networks and services by implementing measures such as specified timelines for reporting security incidents, implementing cyber security policies, and ensuring data confidentiality.

Data Collection and Safeguards

The central government or its authorized agencies may request traffic data and other data (excluding message content) from telecom companies to ensure cyber security.

Telecom entities must ensure that the data they collect is stored and kept confidential, with adequate safeguards in place to prevent unauthorized access. 

A telecom entity is any person or authorized entity that provides telecommunication services or builds, operates, maintains, or expands a telecommunication network.

Cybersecurity Obligations for Telecom Entities

Implement a telecom cybersecurity policy that includes security safeguards, risk management procedures, training, and network testing.

Conduct vulnerability and risk assessments, and put security measures in place to prevent incidents.

Take immediate measures to mitigate incidents and conduct forensic analysis to improve future security.

Reporting requirements for telecom entities

Telecommunications companies must report security incidents to the government.

Initial report within 6 hours, including information about the affected system and the nature of the incident.

Within 24 hours, a detailed report to be provided, including the number of users affected, the geographical impact, network or service disruption, and the corrective actions taken.

Role of the Chief Telecommunication Security Officer (CTSO)

The CTSO is in charge of regulating the implementation of the cybersecurity policy, coordinating incident response, and ensuring compliance with cybersecurity regulations.

Equipment Security and IMEI Regulations

Manufacturers must register International Mobile Equipment Identity (IMEI) numbers for telecom equipment before it is sold in India. Tampering with IMEI numbers is prohibited.

Changing or removing telecommunication equipment identifiers is strictly prohibited.

The government can prohibit tampered equipment or require manufacturers to assist in resolving related issues.

The rules prohibit

Misuse of telecommunications equipment and identifiers.

Telecommunications-related fraud, cheating, or mimicry.

Sending forged messages or engaging in activities that compromise telecom cybersecurity.

Must Read Articles: 

ENFORCEMENT OF TELECOMMUNICATIONS ACT, 2023

TELECOM SECTOR

Source: 

The Hindu

PRACTICE QUESTION

Q.Consider the following statements:

1. India has the world's largest telecommunications network in terms of telephone users.

2. The first experimental electric telegraph line was started between Mumbai to Thane in 1850.

Which of the above statements is/are correct?

A) 1 only

B) 2 only

C) Both 1 and 2

D) Neither 1 nor 2

Answer: D

Explanation:

Statement 1 is incorrect:

India's telecommunications network is the world's second-largest in terms of telephone users (both fixed and mobile phones), with more than 1.19 billion subscribers as of September 2024.

Statement 2 is incorrect:

Telecommunications in India began with the introduction of the telegraph. In 1850, the first experimental electric telegraph line was established between Kolkata and Diamond Harbour. It was opened in 1851 for use by the East India Company.

Free access to e-paper and WhatsApp updates

Let's Get In Touch!