banner1
banner2

HOME
Breaking News

CERT-In’s New BOM Guidelines Bolster India’s Digital Security

by VARINDIA 2025-07-13
CERT-In’s New BOM Guidelines Bolster India’s Digital Security

In July 2025, the Indian Computer Emergency Response Team (CERT-In) released a critical update to its Software Bill of Materials (SBOM) guidelines. These new guidelines, version 2.0, significantly expand the scope to include Artificial Intelligence (AIBOM), Quantum (QBOM), Cryptography (CBOM), and Hardware (HBOM) components.

The enhanced framework aims to increase transparency and traceability across India’s digital supply chains. A Bill of Materials (BOM) provides a detailed inventory of components, allowing organizations to:

  • Track Provenance: Document the origin of software, hardware, and AI components.
  • Manage Vulnerabilities: Identify and mitigate risks by mapping components to known vulnerabilities (e.g., CVE database).
  • Ensure Compliance: Maintain standardized records for audits and regulatory adherence.

The guidelines target a diverse range of stakeholders, including software developers, hardware manufacturers, and developers of AI and quantum systems. CERT-In mandates that BOMs be maintained in both human-readable (PDF/CSV) and machine-readable (JSON/XML) formats to enable secure sharing.

The comprehensive guidelines address the increasing complexity of modern digital threats. With AI and quantum computing introducing new vulnerabilities—such as poisoned datasets and quantum-based cryptographic attacks—AIBOMs and QBOMs provide essential transparency.

By focusing on detailed BOMs, CERT-In aims to strengthen supply chain security. This is particularly crucial given that supply chains are the target of 60% of cyberattacks, according to IBM’s 2024 report. The guidelines also align India with international standards, such as the U.S. Executive Order 14028, positioning the country as a leader in proactive cyber assurance.

While the updated guidelines are a pivotal step, implementing them presents challenges. Small and medium enterprises (SMEs) may struggle with the resources needed for comprehensive BOM adoption. Additionally, the complexity of AI and quantum systems requires specialized expertise, highlighting the need for workforce upskilling.

Despite these hurdles, the guidelines are expected to drive growth in India’s cybersecurity market and enhance trust in Indian technology globally. By ensuring compliance with international standards, the framework supports the Digital India initiative and strengthens the nation’s digital infrastructure against evolving threats.

 
er

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
OT cybersecurity concerns rise to the C-Suite: Fortinet report

OT cybersecurity concerns rise to the C-Suite: Fortinet report

Okta and Palo Alto Networks partner for AI-driven security

Okta and Palo Alto Networks partner for AI-driven security

Tenable research warns of critical AI tool vulnerability

Tenable research warns of critical AI tool vulnerability

SOFTWARE
View All
CRED Members Strengthen Financial Discipline with CRED Money, Data Reveals

CRED Members Strengthen Financial Discipline with CRED Money, Data Reveals

IceWarp opens Gujarat office to bolster regional growth and expand workforce

IceWarp opens Gujarat office to bolster regional growth and expand workforce

GoDaddy’s Airo solution helping Indian entrepreneurs save time

GoDaddy’s Airo solution helping Indian entrepreneurs save time

START - UP
View All
OpenAI Acquires Jony Ive’s Startup io Products in $6.5 Billion Deal, Names Him Creative Head

OpenAI Acquires Jony Ive’s Startup io Products in $6.5 Billion Deal, Names Him Creative Head

MIPS and Cyient Semiconductor team up on custom RISC-V solutions

MIPS and Cyient Semiconductor team up on custom RISC-V solutions

Lenskart to Acquire Location AI Startup GeoIQ

Lenskart to Acquire Location AI Startup GeoIQ

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

wew
wrdf
Start-Up and Unicorn Ecosystem
Yatri Motorcycles Cuts EV Development Time by 40% with Dassault Systèmes’ 3DEXPERIENCE Cloud Platform

Yatri Motorcycles Cuts EV Development Time by 40% with Dassault Systèmes’ 3DEXPERIENCE Cloud Platform

AI Reliance:A Potential Threat to Cognitive Skills

AI Reliance:A Potential Threat to Cognitive Skills

High-Ranking U.S. Official's Password Leak Exposes Major Security Flaws

High-Ranking U.S. Official's Password Leak Exposes Major Security Flaws

Aflac Hit by Cyberattack: Sensitive Data Exposed, Action Taken Fast

Aflac Hit by Cyberattack: Sensitive Data Exposed, Action Taken Fast

Danger in Disguise: The Silent Rise of Hidden Cyber Threats

Danger in Disguise: The Silent Rise of Hidden Cyber Threats

E-Gaming Federation Strengthens India’s Skill-Based Gaming Sector

E-Gaming Federation Strengthens India’s Skill-Based Gaming Sector

Covasant Tech Merges with konaAI, DCube Data Sciences

Covasant Tech Merges with konaAI, DCube Data Sciences

Channeling Success: How Strategic Alliances Are Fueling Innovation and Scale

Channeling Success: How Strategic Alliances Are Fueling Innovation and Scale

Meesho open sources BharatMLStack, its Made-in-India ML platform

Meesho open sources BharatMLStack, its Made-in-India ML platform

The Complications of e-KYC in the Age of AI and Deepfakes

The Complications of e-KYC in the Age of AI and Deepfakes

dsf