{"id":23560,"date":"2024-12-04T17:41:03","date_gmt":"2024-12-04T12:11:03","guid":{"rendered":"https:\/\/ivaluegroup.com\/en-in\/?p=23560"},"modified":"2025-04-25T13:11:27","modified_gmt":"2025-04-25T07:41:27","slug":"telecom-cybersecurity-rules-2024","status":"publish","type":"post","link":"https:\/\/ivaluegroup.com\/en-in\/resources\/blogs\/telecom-cybersecurity-rules-2024\/","title":{"rendered":"Telecom Cybersecurity Compliance: The 2025 Regulatory Blueprint"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">Mobile telephone services and the Internet were introduced to India in 1995. Less than three decades later, India has the <a href=\"https:\/\/www.statista.com\/topics\/10820\/telecommunications-industry-in-india\/#topicOverview\" target=\"_blank\" rel=\"noopener\">second largest mobile network<\/a> in the world, trailing just China. This growth has become exponential in recent years due to the integration of transformative technology like IoT and 5G.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As of <a href=\"https:\/\/www.statista.com\/topics\/10820\/telecommunications-industry-in-india\/#topicOverview\" target=\"_blank\" rel=\"noopener\">2023<\/a>, the average 5G download speed in the country was approximately 25 times faster than 4G, and it is estimated that 5G will account for nearly 66% of mobile subscriptions by 2029. This all points to a <\/span><b>data explosion<\/b><span style=\"font-weight: 400;\"> in the industry, fueled by high-speed Internet, streaming services, and the increased use of data-intensive apps.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This data explosion leads to a wider attack surface that attackers increasingly exploit. Earlier this year, cybersecurity security firm <a href=\"https:\/\/www.indiatoday.in\/technology\/news\/story\/data-of-750-million-telecom-users-in-india-being-sold-on-dark-web-cyber-experts-claim-2495752-2024-01-31\" target=\"_blank\" rel=\"noopener\">CloudSEK<\/a> unveiled a massive security breach exposing the sensitive personal information of an astonishing 750 million people in India, including names, mobile numbers, addresses, and AADHAAR information. The breach highlighted the need for a comprehensive approach to cybersecurity, including collaboration with the relevant authorities and implementing robust measures to protect against unauthorized access.<\/span><\/p>\n<h2><b>The Solution: The Telecommunications (Telecom Cyber Security) Rules, 2024<\/b><\/h2>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">The <a href=\"https:\/\/dot.gov.in\/sites\/default\/files\/Gazette%20Notification%20of%20Telecommunications%20%28Telecom%20Cyber%20Security%29%20Rules%2C%202024.pdf\" target=\"_blank\" rel=\"noopener\">Indian Central Government issued these guidelines on November 21, 2024<\/a>, as an extension of the Telecommunications Act, 2023, with rules and regulations involving telecom cyber security. It applies to everyone regarded as a <\/span><b>telecom entity<\/b><span style=\"font-weight: 400;\">, which the guidelines define as \u2018any person providing telecom services or establishing, operating, maintaining or expanding the telecom network.\u2019<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cybersecurity for telecom entities starts by adopting a <\/span><b>cybersecurity policy<\/b><span style=\"font-weight: 400;\"> with these elements:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Incorporation of telecom network protection strategies, including network testing that features <\/span><b>hardening, <a href=\"https:\/\/ivaluegroup.com\/en-in\/resources\/blogs\/introduction-to-vapt-vulnerability-assessment-penetration-testing\/\">vulnerability assessments &amp; penetration testing<\/a> (VAPT)<\/b><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">A mechanism to identify &amp; prevent a <\/span><b>security incident<\/b><span style=\"font-weight: 400;\">, which the rules define as \u2018an event having real or potential risk on telecom cybersecurity\u2019<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">A <\/span><b>rapid action system<\/b><span style=\"font-weight: 400;\"> to deal with security incidents, including mitigation measures to limit their impact<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Conducting a <\/span><b>forensic analysis of security incidents<\/b><span style=\"font-weight: 400;\"> to learn from them and further strengthen your cybersecurity posture<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Incorporating an ideal mix of <\/span><b>security safeguards, risk management approaches, actions, training, best practices &amp; ideal technology<\/b><span style=\"font-weight: 400;\"> to enhance your security<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Following all the elements of this policy will help reduce the risks of security incidents through timely responses and appropriate actions. To maintain the efficacy of these policies, the Central Government mandates periodic cyber security audits to assess the overall resilience to threats, in intervals specified on their portal.<\/span><\/p>\n<h2><b>The Custodian: Chief Telecommunications Security Officer<\/b><\/h2>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">To ensure that all these requirements are met, the Central Government requires a liaison to connect with each telecom entity. That comes through the role of <\/span><b>Chief Telecommunications Security Officer (CTSO)<\/b><span style=\"font-weight: 400;\">, with the requisites of the position being:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">A citizen or resident of India<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Directly responsible to the Board of Directors or similar governing body of the entity concerning the requirements of the new laws<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Directly responsible for coordinating with the Central Government for implementation of the rules on behalf of the entity<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Details regarding the holder of the position need to be provided in writing to the Central Government, through a form available on the portal. Any replacement or change to the position also has to be promptly intimated through another form there.<\/span><\/p>\n<h2><b>The Oversight: Requirement of SOC<\/b><\/h2>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">One of the roles the CTSO has to fulfill is establishing &amp; overseeing a <\/span><b><a href=\"https:\/\/ivaluegroup.com\/en-in\/resources\/blogs\/what-is-soc-as-a-service-socaas\/\">Security Operations Centre<\/a> (SOC)<\/b><span style=\"font-weight: 400;\"> that uses 24&#215;7 monitoring to help identify, mitigate, and respond to threats. Two crucial pillars identified by these rules about SOC are:<\/span><\/p>\n<h4><span style=\"font-weight: 400;\">Pillar 1: Monitoring<\/span><\/h4>\n<p><span style=\"font-weight: 400;\">This includes incidents in the form of successful intrusions and breaches of telecom services &amp; networks, along with attempts to cause such incidents, intrusions, and breaches. Details of such threat actors impacting services &amp; networks have to be collected and stored.<\/span><\/p>\n<h4><span style=\"font-weight: 400;\">Pillar 2: Maintaining<\/span><\/h4>\n<p><span style=\"font-weight: 400;\">Telecom entities have to maintain a variety of <\/span><b>logs<\/b><span style=\"font-weight: 400;\">, including:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Firewall, <a href=\"https:\/\/ivaluegroup.com\/en-in\/resources\/blogs\/siem-and-soar-key-differences-and-integration\/\">Security Information &amp; Event Management<\/a> (SIEM), <a href=\"https:\/\/ivaluegroup.com\/en-in\/services\/managed-security-services\/\">Intrusion Detection System<\/a> (IDS),<\/b><span style=\"font-weight: 400;\"> and <\/span><b>Intrusion Prevention System (IPS)<\/b><span style=\"font-weight: 400;\"> logs, all of which will form the core of your SOC strategy<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Command logs<\/b><span style=\"font-weight: 400;\"> of operation &amp; maintenance<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Any other element required for the functioning of telecom services &amp; networks<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Entities have to maintain these logs and make them available to any person authorised by the Central Government. The period for maintaining all these logs is again specified on the portal.<\/span><\/p>\n<h2><b>The Process: Incident Reporting Requirements<\/b><\/h2>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">Another important role of the CTSO is to follow this timeline whenever there is a discovery of a security incident:<\/span><\/p>\n<table>\n<tbody>\n<tr>\n<td><b>Timeframe<\/b><\/td>\n<td><b>Requirements<\/b><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Within 6 hours of security incident discovery<\/span><\/td>\n<td><span style=\"font-weight: 400;\">A report has to go to the Central Government, with details such as the nature of the incident and the systems affected by it.<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Within 24 hours<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Additional information has to be provided, including but not limited to:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Duration of security incident<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Number of users affected by the incident<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Geographical area affected<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">The extent to which functioning networks &amp; services were affected<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Remediation measures taken or proposed<\/span><\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><span style=\"font-weight: 400;\">After conducting these measures, the Central Government may ask for further action on your part through a variety of ways:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">If they feel that disclosure of the security incident is in the public interest, they may ask you to inform the public or do it themselves.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">They may issue directions concerning the measures required to remedy the security incident if it has already happened or prevent one from occurring when a significant threat is identified, with time limits potentially prescribed for each measure.<\/span><\/li>\n<\/ul>\n<h2><b>The Penalties: Non-Compliance Rules<\/b><\/h2>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">If the Central Government has reason to believe that any telecom entity is endangering telecom cybersecurity, they can issue a notice to said entity. The entity then has 7 days to respond, post which an investigation will commence.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Depending on the findings of the investigation, the Central Government can either suspend or permanently disconnect all the privileges that the entity is privy to. This order can also be extended to any equipment or identifiers linked to the entity. Entities can respond to the order within 30 days, and depending on the response, the Central Government can either uphold, modify, or revoke the earlier order.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">There are further regulations for telecom identifiers:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Any manufacturer of equipment that has an international mobile equipment identity (IMEI) number shall register the number with the Central Government, whether it\u2019s being produced in India or imported from abroad.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">No person shall intentionally remove, obliterate, change, or alter the unique telecom identification number, or intentionally use, produce, traffic in, or possess software related to the identifier or equipment.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">The Central Government may issue directions to equipment manufacturers bearing IMEI numbers to provide assistance or block the use of tampered IMEI numbers in telecom networks and services.<\/span><\/li>\n<\/ul>\n<h2><b>The Way Forward: A Technology Partner like iValue Group<\/b><\/h2>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">There are a lot of things to keep track of in the new telecommunications security guidelines 2024 brought to telecom entities. Keeping an <\/span><b>in-house SOC <\/b><span style=\"font-weight: 400;\">is one of the options the Central Government prescribes, but maintaining it has become a major challenge for organizations. They have to deal with burnout, false positives, alert fatigue, and cybersecurity skills shortages. Therefore, <a href=\"https:\/\/ivaluegroup.com\/en-in\/enterprise-security-management-esm\/\">outsourcing your SOC operations<\/a> to a trusted provider like us has become the preferred option for many companies.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Additionally, the reporting requirements of these new rules are extremely stringent. While global regulations like GDPR set the reporting time for <a href=\"https:\/\/ivaluegroup.com\/en-in\/resources\/blogs\/how-critical-infrastructure-can-balance-business-security\/\">critical infrastructure<\/a> &amp; personal data breaches at 72 hours, these rules require you to do so within 6. That could prove to be a major challenge if your cybersecurity processes are not alert and optimized.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Amid such flux, an ideal solution could be partnering with a technology provider like us who will take care of every aspect of telecom cybersecurity compliance and enable you to continue doing what you do best. <\/span><a href=\"https:\/\/ivaluegroup.com\/en-in\/contact-us\/\"><span style=\"font-weight: 400;\">Click here<\/span><\/a><span style=\"font-weight: 400;\"> to start a conversation about your telecom cybersecurity needs!<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Mobile telephone services and the Internet were introduced to India in 1995. Less than three decades later, India has the second largest mobile network in the world, trailing just China. This growth has become exponential in recent years due to the integration of transformative technology like IoT and 5G.\u00a0 As of 2023, the average 5G &hellip;<\/p>\n<p class=\"read-more\"> <a class=\"\" href=\"https:\/\/ivaluegroup.com\/en-in\/resources\/blogs\/telecom-cybersecurity-rules-2024\/\"> <span class=\"screen-reader-text\">Telecom Cybersecurity Compliance: The 2025 Regulatory Blueprint<\/span> Read More \u00bb<\/a><\/p>\n","protected":false},"author":1,"featured_media":20195,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"default","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","footnotes":"","_links_to":"","_links_to_target":""},"categories":[131],"tags":[432,433,437,436,429,431,256,435,430,434],"whitepapers":[],"case_studies":[],"acf":[],"_links":{"self":[{"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/posts\/23560"}],"collection":[{"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/comments?post=23560"}],"version-history":[{"count":4,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/posts\/23560\/revisions"}],"predecessor-version":[{"id":23564,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/posts\/23560\/revisions\/23564"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/media\/20195"}],"wp:attachment":[{"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/media?parent=23560"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/categories?post=23560"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/tags?post=23560"},{"taxonomy":"whitepapers","embeddable":true,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/whitepapers?post=23560"},{"taxonomy":"case_studies","embeddable":true,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/case_studies?post=23560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}