1Deputy Manager, Information Security Department, Power Grid Corporation of India Ltd, Gurugram, India
2Senior DGM, Information Security Department, Power Grid Corporation of India Ltd., Gurugram, India
3Chief GM, Information Security Department, Power Grid Corporation of India Ltd., Gurugram, India
Online published on 4 May, 2023.
The increasing adoption and reliance on commercial off the shelf digital technologies sourced from global supply chains-in the interconnected power systems with intelligent assets owned, installed and managed by multiple agencies, has-inadvertently raised probabilities of exploitation of many known vulnerabilities. Operational Technology (OT) systems are-distinct from Information technology (IT) Systems because of their criticality for the reliable and trustworthy dependence, for functioning of modern society. This criticality requires priority for safety, reliability and availability considerations for the inter-dependent physical systems and services. However, these systems were not designed with cybersecurity in-mind and often lack built-in security features required to safeguard these critical OT systems from prevalent cyber threats thus posing potent risks. These risks require strategic management intervention for planning and implementation of-appropriate organisational systems and processes for mitigating these cyber threats. This paper provides insights into the technical approaches required and on the organizational processes that need to be built to improve the cybersecurity posture of any organization in power sector.
Cybersecurity, Operational technology, Power sector, Purdue reference architecture