The Indian Computer Emergency Response Team (CERT-In) has released a baseline framework of 15 Elemental Cyber Defense Controls with 45 mapped recommendations to help Micro, Small, and Medium Enterprises (MSMEs) strengthen cybersecurity. MSMEs may integrate these into organizational policies, conduct annual baseline audits through CERT-In empaneled auditors, and benchmark against minimum cyber hygiene standards. The controls cover effective asset management, patching, network/email security, access management, incident response, awareness training, and data protection. CERT-In emphasizes that these represent a starting point, urging enterprises to go beyond the baseline in line with sector-specific risks. Given MSMEs’ role in India’s GDP, employment, and supply chains, the framework aims to reduce vulnerability to cyberattacks, financial fraud, and operational disruptions.
Relevant question for policy stakeholders: Can basic cyber hygiene standards become as common for MSMEs as workplace safety rules are today?
Follow the full news here:
https://www.cert-in.org.in/PDF/Elemental_Cyber_Defense_Controls_for_MSME.pdf
