Read as
Why this module exists. When a cyber incident becomes a criminal matter, organisations need to work with Indian law enforcement — the local police cybercrime cell, state cyber cell, CBI cyber wing for severe cases. The process is rarely intuitive, evidence requirements are specific, and the practitioner’s preparation determines whether the investigation produces a successful prosecution. This module is the practical guide.
Why this module exists. Most cyber incidents an enterprise reports do not result in successful prosecution. Sometimes that is because the attacker is offshore; often it is because evidence was not preserved correctly, or the FIR was filed under the wrong sections, or the cybercrime cell was not engaged early enough. This module is the playbook.
The Indian law-enforcement landscape for cyber
| Authority | When to engage |
|---|---|
| Local police station | FIR filing for incidents below state-cyber-cell threshold |
| District / city cybercrime cell | Most cyber-fraud cases; BEC fraud, account takeovers, ransomware |
| State CID cyber wing | Larger frauds, multi-jurisdictional cases |
| National Cyber Crime Reporting Portal (cybercrime.gov.in) | Online complaint filing; routes to relevant jurisdiction |
| CBI Cyber Crime Investigation Wing | Inter-state major fraud, critical infrastructure attacks |
| CERT-In | Technical incident response; not law enforcement but coordinates |
DPDP Act in your stack?
Get a DPDP gap assessment
Free 30-minute call. We map your data flows against DPDP §8 obligations and tell you exactly which gaps to fix first. Auditor-defensible output.
Book DPDP scoping call
Replies in 4 working hrs · India-only · Senior consultants