Cybersecurity Guidelines for Power Sector
By MYBRANDBOOK
This is the first time that a comprehensive guideline has been formulated on cyber security in the power sector. The guidelines are a precursor to cybersecurity regulations that the Central Electricity Authority (CEA, Ministry of Power) is working on.
CEA has framed the guidelines under the Central Electricity Authority (Technical Standards for Connectivity to the Grid) (Amendment) Regulations, 2019. It lays down a cyber assurance framework, strengthens the regulatory framework, puts in place mechanisms for security threat early warning, vulnerability management and response to security threats, and secures remote operations and services, among others.
The norms are applicable to all responsible entities as well as system integrators, equipment manufacturers, suppliers/ vendors, service providers, and Information Technology (IT) hardware and software OEMs (Original Equipment Manufacturers) engaged in the Indian power supply system. Responsible Entities include power generation utilities, distribution utilities, transmission companies and load dispatch centres among others.
The norms have been prepared after intensive deliberations with stakeholders and inputs from expert agencies in the field of cybersecurity, such as CERT-In, NCIIPC, NSCS and IIT-Kanpur, and subsequent deliberations in the power ministry also, as per the statement.
The guidelines mandate ICT-based procurement from identified 'trusted sources' and 'trusted products' or else the product has to be tested for malware/ hardware trojan before deployment for use in the power supply system network, it stated.
The policy mandates Information & Communication Technology-based procurement from identified 'trusted sources' and 'trusted products' or else the product has to be tested for malware/hardware trojan before deployment for use in the power supply system network.
The appointment of a Chief Information Security Officer (CISO) at each responsible entity as well as the setting up of an Information Security Division headed by the CISO.
The entities will also be required to incorporate a procedure for identifying and reporting any disturbances suspected or confirmed to be caused by sabotage and submit the report to the sectoral CERT and Computer Emergency Response Team -India (CERT-In) within 24 hours.
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
The latest version of X helps prevent deepfakes on social medi
To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...
India and Namibia collaborate on a payment system similar to U
Once operational, the platform will enable digital transactions in Namibia,...
Sebi issues show-cause notices to six Adani group firms
Sebi issued show-cause notices to six Adani Group firms, including Adani ...
POLYCAB INDIA PVT. LTD.
VVDN TECHNOLOGIES
WIPRO LTD.
STERLITE TECHNOLOGIES LTD.
Technology Icons Of India 2023: Bharat Goenka
Bharat Goenka is the Managing Director of Tally Solutions. He is well ...
Technology Icons Of India 2023: Bhavish Aggarwal
Ola CEO Bhavish Aggarwal had formed Ola-India’s largest mobility pla...
Technology Icons Of India 2023: Anant Maheshwari
As President of Microsoft India, he is responsible for Microsoft’s o...
HPCL is transforming the energy landscape, across the nation and beyond
HPCL is world-class energy company known for caring and delighting the...
RailTel connecting every corner of India
RailTel is an ICT provider and one of the largest neutral telecom infr...
INDIANOIL helps reach precious petroleum fuels to every nook and corner of the country
IndianOil, a diversified, integrated energy major with presence in alm...
ACCERON INFOSOL PVT. LTD.
It is a leading value added distributor in the IT security space and h...
SAVEX TECHNOLOGIES PVT. LTD.
Savex Technologies is the 3rd largest Information & Communication Tec...
Crayon Software Experts India Pvt Ltd
Crayon helps its customers build the commercial and technical foundati...