Indian CERT Urges Firms to Contain Exploited Internet-Facing Flaws Within 12 Hours

The Indian Computer Emergency Response Team (CERT‑In) has shifted the cyber‑risk landscape by publishing a prescriptive blueprint that ties remediation deadlines to asset exposure rather than to individual CVEs. By highlighting AI‑assisted threat actors that can weaponize a newly disclosed flaw within hours, the agency forces enterprises to abandon traditional monthly patch cycles. The new model emphasizes rapid containment—through isolation, WAF rules, and compensating controls—when immediate patching is impractical, signaling a broader industry move toward continuous exposure management and threat‑informed defense.

Operationally, the guidance spotlights gaps that many large organizations already struggle with: real‑time discovery of internet‑facing assets, automated risk scoring, and cross‑functional incident‑response playbooks. Analysts note that the three‑day window for critical internal vulnerabilities will be especially painful for sectors with stringent uptime requirements, such as banking, telecom, and OT environments. To meet the timelines, firms must invest in unified asset inventories, AI‑driven vulnerability prioritization engines, and orchestration platforms that can push temporary mitigations at scale. The shift from patch‑centric to exposure‑centric thinking also demands tighter collaboration between security, IT operations, and business units.

Globally, CERT‑In’s aggressive clocks could become a benchmark for other national cyber agencies. Unlike the U.S. CISA KEV program, which assigns deadlines per vulnerability, India’s fixed‑clock model applies consistent expectations across asset categories, potentially pressuring multinational vendors to harmonize their service‑level agreements with the stricter Indian standards. If adopted more widely, this approach may accelerate the evolution of international cyber‑resilience frameworks, compelling organizations to embed AI‑enabled detection and rapid mitigation into their core security architectures. Companies that adapt quickly will gain a competitive edge in a market where breach costs are rising alongside attacker speed.