India's CERT-In issues AI-focused cybersecurity guidelines including SBOMs and fixes

Technology Jun 16, 2026

India's top cyber watchdog, CERT-In, just dropped new guidelines to help companies fight off AI-powered hacks.
The rules focus on regular security checkups, keeping track of software parts (SBOMs), fixing problems fast, and reporting serious issues right away.
They're also pushing for using AI tools to test defenses, basically fighting fire with fire.

Leaders back CERT-In rules despite costs

Industry leaders are on board, even if it means spending more, because a data breach can cost way more in damage and lost trust.
As Malcolm Gomes, chief operating officer of Privy by IDfy, puts it, the cost of preparation may feel significant today, but the cost of remediation, reputational damage, and potential penalties can be far greater.
The guidelines ask for emergency patches and quick fixes (like a seven-day deadline for big threats), though smaller vendors might find this tough.
While these rules aren't mandatory yet, they could soon set the standard for sectors like banking and healthcare, where strong security is becoming a must-have to land contracts.