Nodal Agency Urges Immediate Action on Internet Vulnerabilities
In an evolving landscape where cyber threats proliferate at unprecedented speeds, India’s apex cybersecurity agency has issued an urgent directive urging organizations to address significant internet-facing vulnerabilities within 12 hours. The recommendation comes as hackers, leveraging the capabilities of artificial intelligence, continue to enhance their operational efficiency, creating a pressing need for equally swift responses from cyber defenders.
The Urgency of Cyber Defense
The Indian Computer Emergency Response Team (CERT-In) emphasizes in their guidance that the rapid advancement of AI technology is shrinking the window between the discovery of vulnerabilities and their exploitation. This alarming trend necessitates a prompt and proactive approach to cybersecurity, particularly for vulnerabilities that are already known to be exploited.
To meet the 12-hour deadline, organizations are advised to utilize temporary containment strategies such as isolating affected systems, restricting user access, deploying web application firewalls, or disabling vulnerable features until comprehensive patches can be developed. This approach aims to fortify critical business systems that face the brunt of cyberattacks in today’s increasingly digitized world.
Striking a Balance in Cybersecurity
Organizations are encouraged to adopt a slightly more manageable 24-hour response timeline for internal systems with known vulnerabilities, while a more lenient three-day window is allocated for critical internal system vulnerabilities impacting essential functionalities. This phased timing is intended to accommodate varying levels of operational capacity across different organizations.
Security experts have largely welcomed this ambitious guidance but also raised concerns regarding its applicability across the board. Anant Shrivastava, chief researcher and founder of Cyfinoid Research, describes the directive as a “strong and necessary document,” albeit one that should be viewed more as a strategic aspiration than a practical standard for immediate compliance.
Challenges in Implementation
The crux of the matter lies in the assumption that organizations already possess a high degree of operational maturity, visibility, engineering discipline, and the capability to remediate issues in a timely manner. Many institutions, especially smaller entities outside of major corporations, often grapple with challenges such as maintaining accurate asset inventories, defining clear systems ownership, and having secure protocols in place for managing rollbacks.
The 12-hour objective, while well-intentioned, may prove unrealistic for many organizations. “Aggressive remediation timelines can unintentionally lead to compliance theater,” Shrivastava warns. Organizations could react by concealing vulnerabilities, delaying notifications, or hastily implementing changes without adequate validation, potentially exacerbating their security posture.
Recommendations for a Phased Response
In response to these concerns, CERT-In suggests a phased approach for improving security measures, beginning with the implementation of multifactor authentication and addressing known vulnerabilities within the initial week. This would be followed by a continuous monitoring phase, incorporating AI governance capabilities within 30 days. The final stage would entail adversarial simulation and thorough AI security testing, occurring between days 31 and 60.
This structured plan aims to create a resilient cybersecurity framework capable of adapting to rapid technological advancements and evolving threats.
The Reality of Cyber Threats
The urgency conveyed by CERT-In is supported by independent findings, such as a report from Check Point, which indicates that organizations around the globe experienced nearly 2,000 cyberattacks weekly in 2025, largely attributable to the automation facilitated by AI. “AI is fundamentally altering not only the volume of cyberattacks but the very mechanics behind them,” stated Lotem Finkelstein, vice president of research at Check Point Software.
AI is empowering malicious actors to refine their techniques in reconnaissance, phishing, exploit research, malware adaptation, and social engineering, making attacks more effective and efficient. However, it’s essential to recognize that defenders are also employing AI to enhance processes such as alert triage, correlation, and threat intelligence enrichment.
The Challenge Ahead
While AI undeniably compresses the time frame for threat identification and response, it does not inherently cultivate operational maturity within organizations. Shrivastava articulates, “AI compresses time, but it does not magically create operational maturity. That is the key challenge organizations now need to solve.”
Organizations facing these escalating threats must adapt not only their technological tools but also their foundational readiness and responsiveness to ensure they can effectively mitigate risks in this rapidly changing cybersecurity landscape. The call to action from CERT-In serves as a crucial reminder of the stakes involved and the imperative to prioritize robust cybersecurity measures.