The Telecom Cyber Security Rules 2024, notified by the Government of India, are a pivotal development in safeguarding the country’s telecommunication infrastructure from the everevolving landscape of cyber threats. These rules, formulated under the Telecommunications Act, 2023, introduce a host of measures designed to enhance cybersecurity preparedness, ensure rapid response to incidents, and establish a comprehensive regulatory framework for telecommunication entities. This article explores the major changes and their implications in detail.

Empowering Certified Agencies for Cybersecurity Audits

A standout feature of the new rules is the designation of certified agencies to oversee the implementation of cybersecurity protocols to foster a uniform standard of security across the telecom sector, ensuring resilience against sophisticated cyberattacks. Telecommunication entities are now mandated to:

• Conduct periodic cybersecurity audits, both internally and through certified agencies approved by the Central Government.
• Demonstrate compliance with robust cybersecurity policies, encompassing measures such as risk assessments, vulnerability management, and incident response strategies.

Creation of a Centralized Digital Portal

The rules emphasize the integration of technology for efficient governance by mandating the establishment of a digital portal. This platform will serve as a centralized hub to:

• Facilitate the real-time collection, analysis, and sharing of telecom traffic data.
• Streamline reporting of security incidents, allowing for rapid remediation.
• Enable submission and continuous monitoring of cybersecurity policies by telecommunication entities.

Rule 3: Strengthened Data Collection and Analysis Framework

The rules grant the Central Government enhanced powers to collect and analyze telecom data to bolster cybersecurity and create the balance between proactive cybersecurity measures and the protection of individual privacy. Key provisions include:

• Directing telecom entities to set up infrastructure to collect, process, and securely store traffic data.
• Permitting data sharing with government law enforcement agencies and other telecom stakeholders, strictly for cybersecurity purposes.
• Mandating safeguards to prevent unauthorized access, ensuring that data privacy remains a top priority.

Mandatory Reporting of Security Incidents

A six-hour reporting window has been introduced to ensure prompt action in the event of a security incident. Telecommunication entities must provide detailed reports, including:

• The scale of user impact.
• The duration and geographical scope of the incident.
• Effects on economic and societal activities.
• Immediate and proposed remediation measures.

This expedited reporting process aims to minimize downtime, mitigate risks, and enable swift intervention in critical situations. Similarly, it can be seen in parallel with CERT-IN mandatory expedite reporting of security incidents.

Supersession of Previous Rules

The Telecom Cyber Security Rules 2024 supersede:

• The Prevention of Tampering of Mobile Device Equipment Identification Number Rules, 2017
• The Mobile Device Equipment Identification Number (Amendment) Rules, 2022.

While these earlier rules are repealed, actions and registrations carried out under their provisions remain valid. This transition ensures continuity while advancing the regulatory framework.

Temporary Suspension of Telecom Identifiers

The Rules provide a person a reasonable opportunity to be heard if the Central Government orders the temporary suspension or permanent disconnection of their telecom identifier (used to identify a user, entity, or telecom service). However, in cases deemed necessary and in the public interest, suspension can occur without prior notice. While these powers may raise concerns about operational disruptions, recent amendments ensure fairness and due process in such decisions.

Establishment of Security Operations Centers (SOCs)

Telecommunication entities are now required to set up Security Operations Centers (SOCs), either independently or in collaboration with others. SOCs are tasked with:

• Monitoring cybersecurity incidents, breaches, and attempted intrusions.
• Maintaining detailed logs of threats, incidents, and operational activities for audits and investigations.
• Supporting the Central Government and certified agencies in cybersecurity investigations.

The emphasis on SOCs will ensures real-time threat detection and response, significantly enhancing the nation’s cybersecurity posture.

Regular Cybersecurity Audits

To maintain resilience, telecommunication entities must:

• Perform regular cybersecurity audits using both internal mechanisms and certified external agencies.
• Adopt a telecom cybersecurity policy that includes best practices, forensic analysis of incidents, and actionable steps to prevent future threats.

Conclusion: Strengthening Telecom Resilience

The Telecom Cyber Security Rules 2024 represent a landmark effort by the Government of India to secure the backbone of the nation’s digital infrastructure. By combining regulatory rigor with technological innovation, these rules address the growing sophistication of cyber threats targeting telecommunication networks.

For telecommunication entities, the path forward lies in embracing these regulations and building robust cybersecurity frameworks that align with the government’s vision. With enhanced safeguards, proactive reporting, and a focus on rapid incident response, the rules pave the way for a safer, more secure telecom ecosystem—essential for India’s continued digital transformation and economic growth.

As the implementation phase begins, the true test will lie in seamless execution and collaboration between the government, certified agencies, and telecom stakeholders. Together, these efforts will ensure that India’s telecom infrastructure is not only secure but also future-ready.