India Tightens Cybersecurity Framework: 652 Apps Blocked, Telecom & CCTV Norms Strengthened

The Government of India has significantly reinforced the country's cybersecurity architecture over the past decade, introducing a series of legal, technological, and institutional measures to safeguard critical digital infrastructure and user data, the Lok Sabha was informed on March 25, 2026.

Minister of State for Electronics and IT Shri Jitin Prasada outlined a multi-layered strategy covering telecom security, data protection laws, surveillance systems, and proactive cyber threat monitoring.

Securing Telecom Networks Through Trusted Sources

Recognising telecom networks as the backbone of digital infrastructure, the government implemented the National Security Directive on Trusted Sources (2021).

• Ensures telecom equipment is sourced only from trusted vendors

• Reduces risks of foreign interference and supply chain vulnerabilities

• Strengthens national security in an era of 5G and advanced connectivity

This move is seen as a critical step toward secure and resilient communication networks.

Robust Legal Framework for Data and Network Protection

India has strengthened its legislative backbone with key laws:

• Telecommunication Act, 2023 – Comprehensive provisions for telecom network security

• Digital Personal Data Protection Act, 2022 – Framework for safeguarding personal data

These laws provide a structured legal basis for cybersecurity, privacy, and accountability, aligning India with global data protection standards.

Major Overhaul of CCTV Security Standards

To address vulnerabilities in surveillance systems, the government has introduced mandatory Essential Requirements (ERs) for CCTV devices:

• Mandatory disclosure of origin of critical components (e.g., SoCs)

• Testing against remote access vulnerabilities

• Certification through accredited laboratories

• 507 CCTV models have already been certified

Government departments are now prohibited from procuring non-compliant CCTV equipment, ensuring higher security standards across public infrastructure.

Additionally, ministries have been advised to strengthen CCTV network security and mitigate vulnerabilities in surveillance systems.

Crackdown on Risky Mobile Applications

In a major digital security intervention:

• 652 mobile applications have been blocked

• Action taken under Section 69A of the IT Act, 2000

• Grounds include data security risks and malicious practices

This reflects the government's proactive approach to protecting user data and national security.

Advanced Cyber Monitoring and Response Systems

India has bolstered its cyber defence capabilities through institutional mechanisms:

• National Cyber Coordination Centre (NCCC) monitors cyberspace for threats

• Real-time intelligence shared with state governments and agencies

• 237 security auditing firms empanelled by CERT-In

• Regular audits to ensure compliance with information security best practices

Comprehensive Security Guidelines for Digital Ecosystem

CERT-In has issued detailed guidelines to strengthen cybersecurity:

• June 2023 guidelines covering data, network, application, and access security

• Focus on incident management, monitoring, and third-party risks

• July 2025 technical guidelines for Bill of Materials (BOM):

  • Covers software, hardware, AI, quantum computing, and cryptography

  • Enhances supply chain transparency and security

These guidelines are designed to future-proof India's digital ecosystem against emerging technology risks.

Towards a Secure Digital India

The government's multi-pronged approach reflects a strategic vision to:

• Protect critical infrastructure and citizen data

• Strengthen digital trust and resilience

• Mitigate risks from emerging technologies and global cyber threats

With rapid digitisation across sectors, these measures aim to ensure that India's digital growth is secure, sustainable, and globally competitive.