
Central Government (CG) has taken several steps to ensure Cyber Security of the Power grid. Under the Information Technology Act, 2000, Indian Computer Emergency Response Team (CERT-In) has been designated as the national agency for responding to cyber security incidents.
Further, National Critical Information Infrastructure Protection Centre (NCIIPC) has been established to ensure protection of critical information infrastructure in the country including power sector.
Computer Security Incident Response Team Power (CSIRT – Power) has been established in April, 2023 exclusively for the power sector. Additionally, Sectoral Computer Emergency Response Teams (CERTs) have been setup for Thermal, Hydro, Transmission, Distribution, Grid Operation and Renewable Energy sectors.
Some key steps that have been taken to improve cyber security infrastructure relating to the power grid include: i) Grid-India has established a Security Operation Centre (SOC) to monitor security events and incidents across Regional Load Despatch Centres (RLDCs) and National Load Despatch Centres (NLDC). Information Technology (IT) infrastructure of NLDC has been improved with advanced security features. ii) A Security Operation Centre (SOC) has been set up in POWERGRID for 24X7 monitoring of critical assets. iii) Several IT infrastructure upgrades have been performed to improve cyber security across multiple states in the past five years.
As of March, 2024, 30 out of 35 State Load Despatch Centres (SLDCs) managing the grid operations have conducted Vulnerability Assessment & Penetration Testing (VAPT) cyber security audits in the past five years.
