India Introduces Cybersecurity Regulations for Connected Vehicles

India Introduces Cybersecurity Regulations for Connected Vehicles

First seen 8 Jul 2026, 20:52 UTC Swarajyamagwww.drivespark.comwww.autoguideindia.com 92% similarity 27.9

Article Content

Browse articles
ThreatCluster

The Indian government has proposed mandatory cybersecurity regulations for connected and autonomous vehicles, set to take effect in October 2026. The Ministry of Road Transport and Highways aims to align with global standards, requiring compliance with India's AIS-189 cybersecurity standard. New rules will apply to passenger vehicles, goods carriers, and tractors with advanced Electronic Control Units (ECUs). Manufacturers must establish a Cyber Security Management System to manage risks throughout a vehicle's lifecycle. Compliance deadlines are staggered, with existing models needing to comply by April 2027 and OTA-capable vehicles by 2028. The regulations are expected to enhance data safety and cybersecurity for vehicle owners. Public feedback on the draft notification is invited for 30 days before finalization.

Key Points: • New cybersecurity rules for connected vehicles in India will be mandatory from October 2026. • Manufacturers must comply with AIS-189 standards and establish a Cyber Security Management System. • Compliance deadlines vary for new and existing models, with full implementation by 2029.

ThreatCluster AI

Timeline

2026-07-08
India proposes new cybersecurity regulations
The Ministry of Road Transport and Highways announced mandatory cybersecurity rules for connected vehicles, effective October 2026.
Swarajyamag
2026-07-08
Public feedback invited on draft regulations
The Indian government has opened a 30-day period for public comments on the proposed cybersecurity rules for vehicles.
Drivespark
2026-10-01
Implementation of new rules begins
Mandatory compliance with the new cybersecurity regulations for new vehicle models starts.
Swarajyamag
2027-04-01
Existing models must comply
All existing vehicles equipped with Level 3 or higher automated driving systems are required to meet the new cybersecurity standards.
Swarajyamag
2028-04-01
OTA-capable vehicles compliance deadline
New models with over-the-air software update capabilities must comply with the cybersecurity regulations.
Drivespark
2028-10-01
Existing OTA-capable vehicles compliance deadline
Existing vehicles with OTA capabilities must meet the new cybersecurity standards by this date.
Drivespark
2029-10-01
Final compliance deadline for all vehicles
All vehicles with software update capabilities must comply with the new cybersecurity regulations.
Drivespark

Community

Browse all →