Under direction of Union Power and New & Renewable Energy Minister Shri R K Singh and guidance of Secretary, Power, Shri Alok Kumar, Central Electricity Authority (CEA) has prepared the guideline for the Cyber Security in Power Sector and it has been released today.

CEA under the provision of Section 3(10) on Cyber Security in the “Central Electricity Authority (Technical Standards for Connectivity to the Grid) (Amendment) Regulations, 2019” has framed Guideline on Cyber Security in Power Sector to be adhered by all Power Sector utilities to create cyber secure eco system. This is the first time comprehensive guideline has been formulated on cyber security in power sector. The guideline has been prepared and released that intends to bring uniformity in cyber security preparedness across various utilities in power sector and also raise the level of cyber security preparedness for power sector.

The Guideline has been prepared after due deliberations with stakeholder and inputs from expert agencies in the field of cyber security, such as CERT-In, NCIIPC, NSCS, IIT Kanpur and other stakeholders and subsequent deliberations in Ministry of Power as well.

Guideline are issued with the objective of creating cyber security awareness, secure cyber ecosystem, cyber-assurance framework, Strengthening the regulatory framework, mechanisms for security threat early warning, vulnerability management and response to security threats, Securing remote operations and services, Protection and resilience of critical information infrastructure, Reducing cyber supply chain risks, Encouraging use of open standards, Promotion of research and development in cyber security, Human resource development in the domain of Cyber Security, Developing effective public private partnerships, Information sharing and cooperation Operationalization of the National Cyber Security Policy.

Guideline are applicable to all Responsible Entities as well as System Integrators, Equipment Manufacturers, Suppliers/Vendors, Service Providers, IT Hardware and Software OEMs engaged in the Indian Power Supply System for protection of Control Systems for System Operation and Operation Management, Communication System and SecondaryAutomation and Tele control technologies.

These Guideline are Mandatory requirement to be met by all stakeholders and give emphasis on establishing cyber hygiene, training of all IT as well OT Personnel on Cyber Security, designating of Cyber Security Training Institutes as well as Cyber Testing labs in the Country. The Guideline also mandates ICT based procurement from identified “Trusted Sources” and identified “Trusted Products” or else the product has to be tested for Malware/Hardware Trojan before deployment for use in power supply system network when system for trusted product and service is in place. It will promote research and development in cyber security and open up market for setting up Cyber Testing Infra in Public as well as Private Sector in the country.

CEA is also working on cyber security regulations. This Cyber Security guideline is precursor to the same.

The guideline is available the website of CEA for downloading

(https://cea.nic.in/wp-content/uploads/notification/2021/10/Guidelines_on_Cyber_Security_in_Power_Sector_2021-2.pdf)

***

MV/IG

Under direction of Union Power and New & Renewable Energy Minister Shri R K Singh and guidance of Secretary, Power, Shri Alok Kumar, Central Electricity Authority (CEA) has prepared the guideline for the Cyber Security in Power Sector and it has been released today.

CEA under the provision of Section 3(10) on Cyber Security in the “Central Electricity Authority (Technical Standards for Connectivity to the Grid) (Amendment) Regulations, 2019” has framed Guideline on Cyber Security in Power Sector to be adhered by all Power Sector utilities to create cyber secure eco system. This is the first time comprehensive guideline has been formulated on cyber security in power sector. The guideline has been prepared and released that intends to bring uniformity in cyber security preparedness across various utilities in power sector and also raise the level of cyber security preparedness for power sector.

The Guideline has been prepared after due deliberations with stakeholder and inputs from expert agencies in the field of cyber security, such as CERT-In, NCIIPC, NSCS, IIT Kanpur and other stakeholders and subsequent deliberations in Ministry of Power as well.

Guideline are issued with the objective of creating cyber security awareness, secure cyber ecosystem, cyber-assurance framework, Strengthening the regulatory framework, mechanisms for security threat early warning, vulnerability management and response to security threats, Securing remote operations and services, Protection and resilience of critical information infrastructure, Reducing cyber supply chain risks, Encouraging use of open standards, Promotion of research and development in cyber security, Human resource development in the domain of Cyber Security, Developing effective public private partnerships, Information sharing and cooperation Operationalization of the National Cyber Security Policy.

Guideline are applicable to all Responsible Entities as well as System Integrators, Equipment Manufacturers, Suppliers/Vendors, Service Providers, IT Hardware and Software OEMs engaged in the Indian Power Supply System for protection of Control Systems for System Operation and Operation Management, Communication System and SecondaryAutomation and Tele control technologies.

These Guideline are Mandatory requirement to be met by all stakeholders and give emphasis on establishing cyber hygiene, training of all IT as well OT Personnel on Cyber Security, designating of Cyber Security Training Institutes as well as Cyber Testing labs in the Country. The Guideline also mandates ICT based procurement from identified “Trusted Sources” and identified “Trusted Products” or else the product has to be tested for Malware/Hardware Trojan before deployment for use in power supply system network when system for trusted product and service is in place. It will promote research and development in cyber security and open up market for setting up Cyber Testing Infra in Public as well as Private Sector in the country.

CEA is also working on cyber security regulations. This Cyber Security guideline is precursor to the same.

The guideline is available the website of CEA for downloading

(https://cea.nic.in/wp-content/uploads/notification/2021/10/Guidelines_on_Cyber_Security_in_Power_Sector_2021-2.pdf)

***

MV/IG