.flash { animation-name: flash; animation-duration: 0.2s; animation-timing-function: linear; animation-iteration-count: infinite; animation-direction: alternate; animation-play-state: running; } @keyframes flash { from {color: red;} to {color: black;} }
|| CVE Report : 16-31 Jan 2018 ||       || CVE Report : 01-15 Jan 2018 ||       || Newsletter : January 2018 ||       || Palo Alto Networks firewalls Bug ||       || MAC-OS High Sierra Vulnerability ||      

About Us

National Critical Information Infrastructure Protection Centre (NCIIPC) is an organisation of the Government of India created under Sec 70A of the Information Technology Act, 2000 (amended 2008), through a gazette notification on 16th Jan 2014 Based in New Delhi, India, it is designated as the National Nodal Agency in respect of Critical Information Infrastructure Protection.


"To facilitate safe, secure and resilient Information Infrastructure for Critical Sectors of the Nation."


"To take all necessary measures to facilitate protection of Critical Information Infrastructure, from unauthorized access, modification, use, disclosure, disruption, incapacitation or distraction through coherent coordination, synergy and raising information security awareness among all stakeholders. "

Functions and Duties

  • National nodal agency for all measures to protect nation's critical information infrastructure.
  • Protect and deliver advice that aims to reduce the vulnerabilities of critical information infrastructure, against cyber terrorism, cyber warfare and other threats.
  • Identification of all critical information infrastructure elements for approval by the appropriate Government for notifying the same.
  • Provide strategic leadership and coherence across Government to respond to cyber security threats against the identified critical information infrastructure.
  • Coordinate, share, monitor, collect, analyze and forecast, national level threat to CII for policy guidance, expertise sharing and situational awareness for early warning or alerts. The basic responsibility for protecting CII system shall lie with the agency running that CII.
  • Assisting in the development of appropriate plans, adoption of standards, sharing of best practices and refinement of procurement processes in respect of protection of Critical Information Infrastructure.
  • Evolving protection strategies, policies, vulnerability assessment and auditing methodologies and plans for their dissemination and implementation for protection of Critical Information Infrastructure.
  • Undertaking research and development and allied activities, providing funding (including grants-in-aid) for creating, collaborating and development of innovative future technology for developing and enabling the growth of skills, working closely with wider public sector industries, academia et al and with international partners for protection of Critical Information Infrastructure.
  • Developing or organising training and awareness programs as also nurturing and development of audit and certification agencies for protection of Critical Information Infrastructure.
  • Developing and executing national and international cooperation strategies for protection of Critical Information Infrastructure.
  • Issuing guidelines, advisories and vulnerability or audit notes etc. relating to protection of critical information infrastructure and practices, procedures, prevention and response in consultation with the stake holders, in close coordination with Indian Computer Emergency Response Team and other organisations working in the field or related fields.
  • Exchanging cyber incidents and other information relating to attacks and vulnerabilities with Indian Computer Emergency Response Team and other concerned organisations in the field.
  • In the event of any threat to critical information infrastructure the National Critical Information Infrastructure Protection Centre may call for information and give directions to the critical sectors or persons serving or having a critical impact on Critical Information Infrastructure.




Incident Reporting

Incident Reporting Form

Vulnerability Disclosure

Vulnerability Disclosure Form
sha256: 863ec06ade92fb128f37384d0721f52a72a0422e4ccc6de3d032f00ceef79d54

Malware Reporting

Malware Reporting Form
sha256: a6792c721754fd78bb9df480f537b5516268fe7bab4f5a985a44e102e553f274



3rd Foundation Day

CII Conclave - Infosys Mysore

Implementation of Cyber Security for Power Infrastructure in India

Contact Us

National Critical Information Infrastructure Protection Centre

Block III, Old JNU Campus
New Delhi - 110 067

Toll Free: 1800-11-4430

@ NCIIPC     YouTube
General Help:
helpdesk1 [AT] nciipc [DOT] gov [DOT] in
helpdesk2 [AT] nciipc [DOT] gov [DOT] in
Site Administrator:
kms [AT] nciipc [DOT] gov [DOT] in
Incident Reporting:
ir [AT] nciipc [DOT] gov [DOT] in
Vulnerability Disclosure:
rvdp [AT] nciipc [DOT] gov [DOT] in
Malware Upload:
mal [DOT] repository [AT] nciipc [DOT] gov [DOT] in