India unveils CSIRT-Power to fortify power sector against cyber threats

In a significant move to safeguard India’s critical power infrastructure, Union minister Manohar Lal inaugurated the Computer Security Incident Response Team Power (CSIRT-Power) at Northern Regional Power Committee in New Delhi.

Objective

• To serve as the responsible agency for responding to and preventing cybersecurity incidents within the power sector.
• To ensure a prompt and coordinated response to cyber threats in the power sector.
• To collect, analyze, and share information regarding power sector-specific cyber threats.
• To ensure implementation of proactive measures to increase cybersecurity awareness and improve the overall cybersecurity posture of the power sector.
• To promote sector specific best practices, Standard Operating Procedures (SOPs) and security policies.
• To provide cybersecurity expertise and assistance to constituent utilities.
• To enhance cybersecurity in the power sector through capacity building measures like training, development of standards, and incident response drills, collaboration with educational institutions and industry.
• To facilitate cooperation among stakeholders in the power sector to build awareness and strengthen collective cybersecurity efforts.

Remarks by Minister

• The CSIRT Power facility is a significant step forward in the mission to protect one of the most vital components of our national infrastructure, our power infrastructure.
• The threats we face today are unlike those of the past.
• Cyberattacks have emerged as a serious and growing concern, capable of causing significant disruptions with far-reaching consequences.
• The power sector, being at the heart of our national infrastructure, is a prime target for such attacks.

What is CSIRT?

• A computer security incident response team, or CSIRT, is a group of IT professionals that provides an organization with services and support surrounding the assessment, management and prevention of cybersecurity-related emergencies, as well as coordination of incident response efforts.
• The main goal of a CSIRT is to respond to computer security incidents quickly and efficiently, thus regaining control and minimizing damage.

Why is it the need of the hour?

• The establishment of CSIRT-Power comes at a crucial time as the power sector is undergoing a significant digital transformation, expanding the attack surface and increasing vulnerabilities.
• Existing sub-sectoral Computer Emergency Response Teams (CERTs) were found lacking in legal mandates, resources, and skilled personnel to effectively handle sophisticated cyber threats.
• CSIRT-Power aims to fill this gap.