The government has directed its departments to undertake security audit of their departmental websites/applications through CERT-In empanelled agencies within a period of one month.
The General Administration Department (GAD) has directed all administrative departments/heads of departments/deputy commissioners/managing directors of various public sector undertakings(PSUs)/Boards/Corporations to ensure security audits of their departmental websites/applications.
The Information Technology department has time-and-again issued instructions to all the administrative departments/heads of departments/deputy commissioners/managing Directors of various PSUS/Boards/Corporations etc. to ensure security audit of their websites/applications periodically, at least once a year, in compliance with security policy, guidelines, and procedures, laid down by the CERT-In and Ministry of Electronics & Information Technology, Government of India.
The GAD, however, noticed that many such websites are still unaudited.
“Notwithstanding the instructions, it has been observed that large number of websites hosted on State Data Centre by different departments are still un-audited resulting in increased risk of cyber-attacks as also reported by the CERT-In,” it said.
CERT-In stands for Computer Emergency Response Team - India. It serves as the national nodal agency for responding to computer security incidents