CIO Insider


Government to Extend Deadline for Complying with Cyber Security Directives for MSMEs

CIO Insider Team | Wednesday, 12 October, 2022

According to reports, the government is planning to extend the deadline for complying with its cyber security directives by three months.

Rajeev Chandrasekhar, Minister of State for Electronics and IT, says, “This will apply to micro, small, and medium enterprises (MSMEs) as well as small and medium enterprises (SMEs).”

“We are very clear. We will not make SMEs or MSMEs bear the burden of this additional compliance until they are ready,” adds Chandrasekhar.

The April 28 guidelines from the Indian Computer Emergency Response Team (CERT-In) required all companies, intermediaries, data centers and government organizations to report any data breach to the government within six hours of becoming aware of it.

The guidelines had also mandated Virtual Private Network (VPN) service providers to maintain all the information they had gathered as part of know-your-customer (KYC) rules and hand it over to the government as and when required.

Reports suggest that the directive has led to several VPN providers exiting India.

On May 18, during a press conference to explain the FAQs on the CERT-In guidelines, Chandrasekhar said VPN service providers that did not want to adhere to the guidelines were ‘free to leave India.’

The government is, however, more flexible about the needs of SMEs in adhering to the new directive. This is the second extension of the compliance deadline for SMEs and MSMEs by the ministry.

In June, the ministry decided to provide a breather of 90 days, or until September 25, to all companies after it received representations from SMEs, MSMEs, data centers, VPS, VPN, and cloud service providers that they needed more time to ‘build capacity’.

One problem that the government has been made aware of several times is the lack of cost-effective human resources in the country. Some of the other requirements, such as maintaining data for three years, are also adding to their operational cost. While it is difficult to relax these norms, the government has given additional time and will meet them to figure out a solution.


