The Jammu & Kashmir government has issued a directive for all its departments to conduct a security audit of their websites and applications within a one-month period through CERT-In empanelled agencies. The aim is to protect these online platforms against potential cyber threats. The General Administration Department (GAD) has instructed various administrative departments, deputy commissioners, and managing directors of public sector undertakings to ensure the security audit is carried out. Despite previous instructions to conduct security audits at least once a year, it has been observed that a significant number of websites hosted on the State Data Centre remain unaudited, exposing them to an increased risk of cyber-attacks as reported by CERT-In, the national nodal agency for responding to computer security incidents.
The directive underscores the government’s commitment to safeguarding its digital assets and information against cyber threats, aligning with the national security policy and guidelines prescribed by CERT-In and the Ministry of Electronics & Information Technology, Government of India. This proactive approach reflects the government’s recognition of the evolving cybersecurity landscape and the need to ensure the resilience of its online platforms. By mandating these security audits, the government aims to enhance the overall cybersecurity posture of its departments and mitigate potential vulnerabilities that could compromise sensitive data and services, thereby bolstering the trust and confidence of citizens and stakeholders in the digital ecosystem.