1 min read.Updated: 07 Oct 2021, 09:20 PM ISTLivemint
The guidelines lay down a cyber assurance framework, strengthens the regulatory framework, puts in place mechanisms for security threat early warning, vulnerability management and response to security threats
Listen to this article
The central government on Thursday released the guidelines for cybersecurity in the power sector with the aim to create a secure power cyber ecosystem.
“Central Electricity Authority (Technical Standards for Connectivity to the Grid) (Amendment) Regulations, 2019 has framed Guideline on Cyber Security in Power Sector to be adhered by all Power Sector utilities to create cyber-secure eco-system," said the ministry of power in a statement.
“This is the first time that a comprehensive guideline has been formulated on cyber security in the power sector. The guideline lays down required actions for cyber security preparedness across various utilities," it added.
The norms have been prepared after intensive deliberations with stakeholders and inputs from expert agencies in the field of cybersecurity, such as CERT-In, NCIIPC, NSCS and IIT-Kanpur, and subsequent deliberations in the power ministry also, as per the statement.
It lays down a cyber assurance framework, strengthens the regulatory framework, puts in place mechanisms for security threat early warning, vulnerability management and response to security threats, and secures remote operations and services, among others, it added.
The norms are applicable to all responsible entities as well as system integrators, equipment manufacturers, suppliers/ vendors, service providers, and IT hardware and software OEMs (original equipment manufacturers) engaged in the Indian power supply system.
The guidelines mandate ICT-based procurement from identified 'trusted sources' and 'trusted products' or else the product has to be tested for malware/ hardware trojan before deployment for use in the power supply system network, it stated.
It will promote research and development in cybersecurity and open up the market for setting up cyber testing infra in public as well as private sectors in the country.