India’s cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), has introduced a new cybersecurity framework urging organisations to respond faster to critical software vulnerabilities as artificial intelligence rapidly changes the threat landscape. The updated blueprint highlights how AI-powered cyberattacks are significantly reducing the time between vulnerability discovery and active exploitation, making traditional security response timelines increasingly ineffective.
Under the new recommendations, organisations are advised to implement a 12-hour patching window for critical vulnerabilities. The framework stresses that delayed updates can expose businesses, government systems, and digital infrastructure to large-scale cyber risks, especially as threat actors are now using AI tools to automate reconnaissance, malware generation, and attack execution.
The guidance also encourages companies to adopt a Zero Trust security model, where every user, device, and application must be continuously verified before accessing systems or sensitive data. According to the blueprint, organisations should move away from perimeter-based security approaches and instead focus on identity verification, least-privilege access, and continuous monitoring.
CERT-In further recommended the integration of AI-enabled defence mechanisms to counter increasingly sophisticated attacks. Security teams are being encouraged to use AI for faster threat detection, automated incident response, behavioural analysis, and real-time monitoring of unusual activities across networks. The framework notes that cybercriminals are already leveraging AI to accelerate phishing campaigns, create deepfake-based fraud attempts, and identify weak points in digital systems at a much faster pace than before.
The blueprint also places emphasis on continuous risk assessment, supply chain security, endpoint protection, and proactive vulnerability management. Organisations handling sensitive or critical infrastructure have been advised to regularly test their incident response capabilities and maintain updated disaster recovery strategies.
In addition, the guidance highlights the importance of employee awareness and cyber hygiene practices, warning that human error continues to remain one of the biggest cybersecurity risks despite technological advancements. Businesses are encouraged to conduct regular cybersecurity training sessions and strengthen internal security protocols.
With AI reshaping both cyberattacks and cyber defence, the framework signals a major shift toward faster response cycles, automated protection systems, and proactive digital resilience as essential components of modern cybersecurity strategy.
, has introduced a new cybersecurity framework urging organisations to respond faster to critical software vulnerabilities as artificial intelligence rapidly changes the threat landscape){kind=link}