The Indian Computer Emergency Response Team (CERT-In) has released a new cybersecurity framework urging organizations to address critical vulnerabilities in internet-facing systems within 12 hours of identification, wherever feasible. The move comes as cybercriminals increasingly leverage artificial intelligence (AI) and large language models (LLMs) to accelerate vulnerability discovery, exploitation, and large-scale cyberattacks.
AI Is Changing the Cyber Threat Landscape
In its recently published 38-page cybersecurity blueprint, CERT-In highlighted how AI-assisted cyber exploitation is dramatically reducing the time attackers need to identify and weaponize vulnerabilities.
According to the agency, threat actors are now using AI tools to automate tasks such as:
- Attack surface discovery
- Vulnerability analysis and exploitation
- Phishing campaign creation
- Malware development
- Reconnaissance and intelligence gathering
As organizations become more dependent on cloud services, interconnected digital infrastructure, software supply chains, operational technologies, and AI-enabled platforms, the potential impact of AI-driven cyber threats continues to grow.
AI Systems Are Also Becoming Prime Targets
CERT-In warned that AI-powered systems themselves are increasingly vulnerable to sophisticated attacks. These include:
- Prompt injection attacks
- Data leakage vulnerabilities
- AI model jailbreaking
- Training data poisoning
- Model theft and manipulation
- Orchestration pipeline compromises
Such attacks can undermine the confidentiality, integrity, and reliability of AI systems, creating significant risks for organizations adopting AI technologies.
Exploitation Timelines Are Shrinking
The cybersecurity agency emphasized that AI is enabling adversaries to launch attacks at unprecedented speed and scale. As a result, organizations should expect:
- Faster exploitation of newly discovered vulnerabilities
- Increased automation of cyberattacks
- More sophisticated phishing and social engineering campaigns
- Reduced effectiveness of traditional security controls
To counter these evolving threats, CERT-In recommends continuous threat monitoring, proactive exposure management, and enhanced operational preparedness.
Key Cybersecurity Principles Recommended by CERT-In
The framework outlines several core defensive strategies that organizations should adopt to strengthen resilience against AI-assisted cyber threats:
1. Assume Breach Mentality
Organizations should operate under the assumption that breaches can occur and prepare for rapid detection, containment, and recovery.
2. Implement Zero Trust Security
Continuous verification of users, devices, and applications should be enforced, while access privileges should be limited to the minimum necessary.
3. Strengthen Defense-in-Depth
Layered security controls across infrastructure, applications, identities, and networks can help eliminate single points of failure.
4. Reduce Vulnerability Exposure
Regular vulnerability assessments and prompt remediation of identified weaknesses are critical.
5. Adopt Secure-by-Design Practices
Security should be integrated into systems, applications, and AI workflows from the beginning rather than added later.
6. Protect Critical Data
Organizations must safeguard sensitive information throughout its lifecycle using appropriate security controls.
7. Manage Software Supply Chain Risks
Third-party software, AI models, and dependencies should be evaluated using Software Bills of Materials (SBOMs), provenance validation, and security assessments.
8. Continuously Test Security Controls
Regular red team exercises, penetration testing, vulnerability assessments, and independent audits should be conducted to validate security effectiveness.
9. Establish AI Governance
Organizations should implement formal policies governing AI usage and maintain visibility into AI systems, integrations, and operational behavior.
New Vulnerability Remediation Timelines
One of the most significant recommendations in the blueprint is the introduction of aggressive remediation timelines for critical vulnerabilities.
Recommended Response Times
| Vulnerability Type | Remediation Timeline |
|---|---|
| Known exploited vulnerabilities affecting internet-facing and critical systems | Within 12 hours (where feasible) |
| Critical externally exposed vulnerabilities | Within 1 day |
| Known exploited vulnerabilities affecting internal systems | Within 1 day |
| Critical internal vulnerabilities impacting high-value systems | Within 3 days |
| High-severity vulnerabilities | Within 5 days |
CERT-In noted that organizations should prioritize remediation based on risk, exposure level, and operational criticality.
What If a Patch Is Not Available?
In situations where security patches are not immediately available, organizations should implement temporary mitigation measures, including:
- Isolating affected systems
- Restricting access to vulnerable services
- Deploying Web Application Firewall (WAF) protections
- Enhancing monitoring and threat detection
- Disabling vulnerable features or functionalities
These measures should remain in place until an official security fix becomes available.
Continuous Cybersecurity Readiness Is Essential
CERT-In stressed that cybersecurity can no longer be treated as a periodic exercise. Organizations must continuously reassess risks, validate security controls, conduct security testing, and strengthen resilience capabilities to stay ahead of rapidly evolving AI-powered threats.
The new guidance follows a recent CERT-In advisory that highlighted the growing cyber capabilities of advanced AI models developed by industry leaders. The agency warned that while these technologies offer significant benefits, their dual-use nature could also lower the barrier to entry for malicious actors, enabling automated exploitation and large-scale cyber campaigns.
Final Thoughts
As AI continues to transform both defensive and offensive cybersecurity operations, organizations must adapt to a threat landscape where attacks can be launched faster, more frequently, and with greater sophistication than ever before. CERT-In’s latest framework sends a clear message: rapid vulnerability management, proactive security controls, and strong cyber resilience are no longer optional—they are essential for protecting modern digital environments.
The 12-hour patching recommendation reflects how much AI has shortened the window between vulnerability disclosure and active exploitation. One challenge many organizations will face is maintaining accurate asset inventories and having automated remediation workflows in place, since rapid patching is difficult without strong visibility into internet-facing systems. It’s also important that AI security risks like prompt injection and model poisoning receive the same level of attention as traditional software vulnerabilities.