Daily News Analysis » Critical Information Infrastructure

Critical Information Infrastructure

Get complete details on Critical Information Infrastructure

Table of Content

Why in the News?

Recently, the Ministry of Electronics and IT (MeitY), has declared the IT resources of ICICI Bank, HDFC Bank and UPI managing entity NPCI as ‘Critical Information Infrastructure’.

Key Points:

About Critical Information Infrastructure(CII):

  • As per, the Information Technology Act of 2000 , ‘Critical Information Infrastructure’ means a computer resource, the incapacitation or destruction of which, shall have debilitating impact on national security, economy, public health or safety
  • Under the Act, the government has the power to declare any data, database, IT network or communications infrastructure as CII to protect that digital asset
  • Any person who secures access or attempts to secure access to a protected system in violation of the law can be punished with a jail term of up to 10 years

Why is CII classification and protection necessary?

  • IT resources form the backbone of countless critical operations in a country’s infrastructure, and given their interconnectedness, disruptions can have a cascading effect across sectors
  •  An information technology failure at a power grid can lead to prolonged outages crippling other sectors like healthcare, banking services
  • Therefore, the world over governments have been moving with alacrity to protect their critical information infrastructure

How are CIIs protected in India?

National Critical Information Infrastructure Protection Centre (NCIIPC) 

  • It was created in 2014 and acts as the nodal agency for taking all measures to protect the nation’s critical information infrastructure
  • Mandate: To guard CIIs from “unauthorised access, modification, use, disclosure, disruption, incapacitation or distraction”
  • It  will monitor and forecast national-level threats to CII for policy guidance, expertise sharing and situational awareness for early warning or alerts

Significance of Designating  IT resources as Critical Information Infrastructure:

  • The Computer resources relating to the Core Banking Solution, Real Time Gross Settlement and National Electronic Fund Transfer comprising Structured Financial Messaging Server, being Critical Information Infrastructure of the ICICI Bank, and the computer resources of its associated dependencies to be protected systems shall be protected as per, the Information Technology Act of 2000 Act