The NSCS said the guidelines will be "mandatorily applicable" to owners and regulators of critical information infrastructure, including those responsible for ensuring its protection. The guidelines entail six stages - management, protection, detection, response, recovery and lessons learnt.
