The Central Electricity Authority has released new Cybersecurity Guidelines for the power sector in India. The guidelines were much anticipated in the backdrop of multiple cyberattacks on the critical sector in the last years.
Any cyberattacks on the power sector are intended to disrupt the power supply system. Such attacks could result in equipment damage and even grid failure.
The government wants to create a secure cyber ecosystem and create cyber security awareness. By laying down the cyber-assurance framework, more clarity in cybersecurity is expected. More emphasis on research and development in cyber security is given in the guidelines strengthening the regulatory framework. Apart from these, the mechanism for security threat early warning, vulnerability management, and response to security threats are the key focus areas.
Any ICT-based procurement from the responsible entities must include the Model Contractual Clauses on cyber security. The products must be tested for any malware, hardware trojan by responsible agencies before deployment.
Stakeholders and expert agencies were duly consulted to prepare the guidelines, said the government spokesperson.
Scope of these guidelines will cover the Control Systems for System Operation and Operation Management, Communication System including Routers switches and firewalls, Communication technology-related network components, Wireless digital systems, Secondary, Automation and Tele control technologies including Control and Automation components, Control and field devices, Tele control devices, etc.
According to the new guidelines all the service providers, vendors, entities, and vendors engaged in the power sector will be responsible to act according to the set guidelines and will have to act in a timely manner upon any cyberthreats received from the government authenticated sources. They will also have to work diligently to improve cybersecurity.
Also read: