DPDPEnforcement rules notified. 12-month compliance windowThreatRansomware activity up 38% YoY across listed mid-marketSEBICSCRF audit cycle deadline narrows for listed entitiesInsuranceCyber capacity softening. renewal terms easing in Q2AdvisoryNew zero-day in widely-used MFA vendor. patch liveRegulatorIncident reporting timelines tightened to 6 hoursBreachListed fintech reports BEC fraud. ₹4.2 Cr in flightClaimsD&O cyber rider claims paid in 14-day median
Mitigata

CERT-In compliance before panic writes the timeline.

Mitigata helps you prepare for Indian Computer Emergency Response Team readiness by organising incident workflows, log retention, reporting evidence and response ownership.

800+ businesses protected25+ compliance standards supported99% audit success rate
Book a calllive

Got any questions? Bring them here.

Secure·No spamReply < 24h

How Can CERT-In Compliance Support Your Business?

CERT-In readiness helps your business respond faster, preserve logs, report incidents properly, and avoid building the incident story after everyone has already started asking questions.

Meet reporting expectations

CERT-In’s directions require covered entities to report specified cyber incidents within six hours of noticing them or being notified. Readiness helps teams move without confusion.

    Preserve useful evidence

    The directions also require ICT system logs to be enabled and retained securely for a rolling 180-day period within Indian jurisdiction. That makes log planning, storage, and access important.

      Improve incident response discipline

      CERT-In readiness gives security, IT, legal, compliance, and leadership a clearer way to confirm incidents, collect artefacts, escalate decisions, and maintain reporting records.

        How Mitigata gets your CERT-In ready faster

        Mitigata helps your team move through CERT-In readiness with fewer blind spots and less manual coordination.

        • 01 / 06

          Define applicability and scope

          We identify your systems, services, users, infrastructure, cloud tools, vendors, and incident categories that need to be considered under CERT-In readiness.

        • 02 / 06

          Run the AI gap scan

          Gordon AI reviews your current logging, incident response, escalation flow, reporting records, policies, evidence, and security controls against CERT-In expectations.

        • 03 / 06

          Build the response workflow

          We create clear steps for incident detection, validation, escalation, artefact collection, CERT-In reporting, stakeholder updates, and post-incident closure.

        • 04 / 06

          Set log and evidence controls

          Log retention, time synchronisation, access to records, incident artefacts, screenshots, approvals, and investigation notes are organised into a working process.

        • 05 / 06

          Automate readiness evidence

          Gordon AI tracks artefacts, owners, logs, incident records, reporting tasks, policy versions, review dates, and missing evidence before pressure arrives.

        • 06 / 06

          Stay incident-ready

          We help run reviews, test workflows, track remediation, update contact points, improve playbooks, and keep CERT-In readiness alive beyond one audit cycle.

        Why Mitigata

        From log chaos to live CERT-In readiness.

        Mitigata uses Gordon AI to reduce manual evidence work, track response gaps earlier, and make readiness easier to see.

        Click now. Thank us later.
        BEFORE AI-POWERED CERT-In
        Status quo

        Scattered logs. Slow escalation. Reporting stress.

        • 01·Incident confusion

          Teams lose time deciding whether an event is reportable, who owns it, and what needs to be collected.

        • 02·Log gaps

          Security, cloud, endpoint, network, and application logs are not always retained, searchable, or easy to produce.

        • 03·Manual artefact chase

          Screenshots, timelines, indicators, approvals, and investigation notes live across different tools and people.

        • 04·Reporting pressure

          CERT-In reporting becomes rushed because facts, owners, and evidence are assembled too late.

        Net

        Incident visibility stays low.

        AFTER WITH GORDON AI
        One pod

        Mapped workflows. Live evidence. Faster response clarity.

        • 01·Response path defined

          Gordon AI helps structure incident categories, owners, escalation steps, evidence needs, and reporting tasks.

        • 02·Logs tracked

          Log sources, retention status, access paths, and evidence requirements stay visible in one place.

        • 03·Artefacts organised

          Incident timelines, approvals, notes, indicators, and supporting records stay easier to collect and review.

        • 04·Leadership dashboard

          Management sees readiness status, open gaps, response owners, evidence health, and pending tasks.

        Outcome

        CERT-In readiness becomes visible.

        CERT-In pairs with

        The next audits your CERT-In work can support.

        Use CERT-In readiness as part of a broader compliance programme supported by one evidence system.

        ISO 27001:2022

        Best for organisations that need a formal information security management system around incidents, logs, access, vendors, risks, and evidence.

        Know more

        DPDPA

        Useful for businesses handling personal data and preparing for breach response, data governance, privacy controls, and accountability.

        Know more

        SEBI CSCRF

        Helpful for SEBI-regulated entities that need cyber resilience, incident handling, audit evidence, governance, and reporting readiness.

        Know more
        COMPLIANCE READINESS

        A 30-second reality check for your audit readiness.

        Pick your framework, add your team size, and tell us where your controls stand.

        SCORE IN
        ~30 sec
        NO LOGIN
        100% anonymous
        FRAMEWORKS COVERED
        20+
        CONTROLS CHECKED
        84+
        [Modelled on 8K+ compliance assessments]

        Score is indicative. Full audit plan maps controls, evidence, gaps, owners, and timelines.

        Framework
        Employees
        250
        105001,5005,000
        Current maturity
        2 / 5
        Ad-hocRepeatableDefinedManagedOptimised
        Adjacent certifications

        — controls · SOW in 24h

        FAQs

        Questions people ask before CERT-In reporting gets real.

        • CERT-In compliance means preparing for India’s cyber incident reporting, log retention, evidence, and security practice expectations under CERT-In directions.
        • Service providers, intermediaries, data centres, body corporates, government organisations, and digital businesses should assess applicability based on systems and operations.
        • Specified cyber incidents must be reported to CERT-In within six hours of noticing the incident or receiving notification about it.
        • CERT-In directions require ICT system logs to be enabled and retained securely for a rolling 180-day period within Indian jurisdiction.
        • Gordon AI tracks log sources, incident owners, artefacts, reporting tasks, evidence gaps, playbooks, dashboards, and readiness status.
        • Yes. CERT-In and ISO 27001 overlap around incident response, logging, evidence, access control, monitoring, risk management, and governance.
        Book a 30-min discovery call
        Talk to Mitigata

        Stop managing CERT-In with scattered logs and reminders.

        If CERT-In readiness feels urgent, manual, or unclear, Mitigata can help turn it into a structured response plan.

        Still here? Really!
        Mean time to detectacross 800+ clients
        4.2Min
        Insurance boundtypical broker takes 6 weeks
        6Days
        Breach responsewar room to containment
        60Min
        Claims settledin last 24 months
        ₹500Cr