Cybersecurity Guidelines for Power Sector
By MYBRANDBOOK
This is the first time that a comprehensive guideline has been formulated on cyber security in the power sector. The guidelines are a precursor to cybersecurity regulations that the Central Electricity Authority (CEA, Ministry of Power) is working on.
CEA has framed the guidelines under the Central Electricity Authority (Technical Standards for Connectivity to the Grid) (Amendment) Regulations, 2019. It lays down a cyber assurance framework, strengthens the regulatory framework, puts in place mechanisms for security threat early warning, vulnerability management and response to security threats, and secures remote operations and services, among others.
The norms are applicable to all responsible entities as well as system integrators, equipment manufacturers, suppliers/ vendors, service providers, and Information Technology (IT) hardware and software OEMs (Original Equipment Manufacturers) engaged in the Indian power supply system. Responsible Entities include power generation utilities, distribution utilities, transmission companies and load dispatch centres among others.
The norms have been prepared after intensive deliberations with stakeholders and inputs from expert agencies in the field of cybersecurity, such as CERT-In, NCIIPC, NSCS and IIT-Kanpur, and subsequent deliberations in the power ministry also, as per the statement.
The guidelines mandate ICT-based procurement from identified 'trusted sources' and 'trusted products' or else the product has to be tested for malware/ hardware trojan before deployment for use in the power supply system network, it stated.
The policy mandates Information & Communication Technology-based procurement from identified 'trusted sources' and 'trusted products' or else the product has to be tested for malware/hardware trojan before deployment for use in the power supply system network.
The appointment of a Chief Information Security Officer (CISO) at each responsible entity as well as the setting up of an Information Security Division headed by the CISO.
The entities will also be required to incorporate a procedure for identifying and reporting any disturbances suspected or confirmed to be caused by sabotage and submit the report to the sectoral CERT and Computer Emergency Response Team -India (CERT-In) within 24 hours.
Singapore to remove One-Time Passwords from Bank Accounts
According to the Monetary Authority of Singapore, clients who utilise secur...
Is 375 million Airtel subscribers database breached?
When a hacker claims to have accessed and put up for sale a customer databa...
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
Icons Of India : Puneet Chandok
Puneet Chandok is President, Microsoft India & South Asia and is respo...
Icons Of India : Harsh Jain
Harsh Jain, the co-founder of Dream 11, the largest fantasy sports web...
ICONS OF INDIA : RAJESH NAMBIAR
Rajesh leads the company’s India associates and enhances relationshi...
ECIL - Electronics Corporation of India Limited
ECIL is distinguished by its diverse technological capabilities and it...
LIC - Life Insurance Corporation of India
LIC is the largest state-owned life insurance company in India...
DRDO - Defence Research and Development Organisation
DRDO responsible for the development of technology for use by the mili...
Indian Tech Talent Excelling The Tech World - George Kurian, CEO, Netapp
George Kurian, the CEO of global data storage and management services ...
Indian Tech Talent Excelling The Tech World - Anirudh Devgan , President, Cadence Design
Anirudh Devgan, the Global President and CEO of Cadence Design Systems...
Indian Tech Talent Excelling The Tech World - ARVIND KRISHNA, CEO – IBM
Arvind Krishna, an Indian-American business executive, serves as the C...