Cybersecurity Guidelines for Power Sector


By MYBRANDBOOK


Cybersecurity Guidelines for Power Sector

This is the first time that a comprehensive guideline has been formulated on cyber security in the power sector. The guidelines are a precursor to cybersecurity regulations that the Central Electricity Authority (CEA, Ministry of Power) is working on.

 

CEA has framed the guidelines under the Central Electricity Authority (Technical Standards for Connectivity to the Grid) (Amendment) Regulations, 2019. It lays down a cyber assurance framework, strengthens the regulatory framework, puts in place mechanisms for security threat early warning, vulnerability management and response to security threats, and secures remote operations and services, among others.

 

The norms are applicable to all responsible entities as well as system integrators, equipment manufacturers, suppliers/ vendors, service providers, and Information Technology (IT) hardware and software OEMs (Original Equipment Manufacturers) engaged in the Indian power supply system. Responsible Entities include power generation utilities, distribution utilities, transmission companies and load dispatch centres among others.

 

The norms have been prepared after intensive deliberations with stakeholders and inputs from expert agencies in the field of cybersecurity, such as CERT-In, NCIIPC, NSCS and IIT-Kanpur, and subsequent deliberations in the power ministry also, as per the statement.

 

The guidelines mandate ICT-based procurement from identified 'trusted sources' and 'trusted products' or else the product has to be tested for malware/ hardware trojan before deployment for use in the power supply system network, it stated.

 

The policy mandates Information & Communication Technology-based procurement from identified 'trusted sources' and 'trusted products' or else the product has to be tested for malware/hardware trojan before deployment for use in the power supply system network.

 

The appointment of a Chief Information Security Officer (CISO) at each responsible entity as well as the setting up of an Information Security Division headed by the CISO.

 

The entities will also be required to incorporate a procedure for identifying and reporting any disturbances suspected or confirmed to be caused by sabotage and submit the report to the sectoral CERT and Computer Emergency Response Team -India (CERT-In) within 24 hours.

 

 E-Magazine 
 ICONS OF INDIA  Placeholder image

Icons Of India : NEERAJ MITTAL

He started his career as an IAS Officer in 1992. He has held various a...

Icons Of India : Bhavish Aggarwal

Indian entrepreneur Bhavish Aggarwal is the CEO of Ola, India’s larg...

Icons Of India : AMIT CHADHA

Amit Chadha serves as the CEO and Managing Director of L&T Technology ...

 VIDEOS  Placeholder image
 STARNITE AWARDS 2024  

 ITFORUM 2024  

   



 CMO of the Year   Placeholder image

 WOMEN LEADERSHIP  Placeholder image

 IMAGE GALLERY   Placeholder image

 TRENDS IN TECHNOLOGY  Placeholder image

MORE VIDEOS  Placeholder image
 ADVERTISEMENTS  Placeholder image
Brandbook Brandbook

 TECHNOLOGY DISRUPTION Placeholder image


 UNICORNS REVOLUTIONISING Placeholder image



Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org