Cyber security is a universal issue
and there needs to be
coordination of public and
private sector entities in combating
cyber threat, said Ramesh Chandak,
President, IEEMA. He was delivering
the keynote address at a recent national
seminar on "Cyber Security for Crucial
Power Networks," in Mumbai
organized by city-based High-Tech
Technologies.
Chandak observed that cyber attacks
can be equated to terrorism and efforts
must be directed to protect networks
from deliberate attack. While the power
sector can be amongst the bigger
casualties of cyber attacks, other critical
sectors like transport and healthcare are
also vulnerable, he
noted. The IEEMA
President also made a
pertinent remark that it
is not only large
companies that need to
protect themselves from
cyber vandalism; even
the SME sector can be
affected. Any cyber
attack on the SME sector
can seriously disrupt the
supply chain, said
Chandak.
The power sector is
crucial to the economy
and hence power
networks need special protection from
cyber threat. Chandak cited examples of
there being security breaches even in
Smart Grids of developing nations like
USA. Right from power generation to
consumption, power networks could be
hacked, he felt. Cyber attacks can result
not only in disruption of power supplies
but also be the cause of widespread data
corruption leading to commercial losses
of power utilities.
The IEEMA President also underlined
the importance of Smart Grids and
noted that it was part of the power
ministry's priority agenda. Indian
government has created a task force on
Smart Grid, he said, adding that IEEMA
has also created a Smart Grid division.
The chief guest of the seminar Union
power minister, Sushilkumar Shinde,
addressing through video link,
encouraged Dr. Dinesh Mhatre, CEO,
High-Tech Technologies, for piloting the
idea and bringing the latest technology
in India,
N.S. Sodha, Executive Director,
Power Grid Corporation of India Ltd,
underlined the timeliness of the
seminar and, in his detailed
presentation, discussed the issue of
cyber threat in the power sector and
how upcoming power systems need to
be equipped to handle malicious cyber
intent. In the XII Plan period (2012-
17), India would be adding around
80,000 mw of new power generation
capacity that would be much more
than the cumulative achievement of
the past 15 years. Investment to the
order of Rs.4 trillion will be made in
the power T&D sector alone, Sodha
noted. In future, there will be Internet
connectivity between the power
generator and power consumer. Grid
management centres are already
interacting with market
intermediaries like power regulators
and power exchanges. "Connectivity
and data flow have increased manifold
and definitely, more and more secured
power networks are necessary in
future," Sodha said.
Jeremy Butcher, CEO, Fox-IT
discussed at length the nature of cyber
threats and gave examples from
different parts of the world on how
utility services were affected through
cyber espionage. Butcher even cited an
example of a leading private sector
utility company going bankrupt soon
after a cyber assault. Fox-IT is a global
provider of cyber security services and
its flagship product "Data Diode" is
being widely used in various countries
by critical network infrastructure
companies in protecting their networks
from cyber threat. Fox-IT, through an
exclusive partnership with Mumbai based
Hi-Tech Technologies, is on course
to launching its products and services in
India. Butcher made a very enlightening
observation that though firewalls are
often regarded as an efficient means to
protect network, they have serious
limitations and are extremely
vulnerable. Data diodes, on the other
hand, offer much stronger
protection. Discussing
technical details, the Fox-IT
official explained that data
diodes offer complete
protection because they
allow only unidirectional
flow of information.
The highlight of the
seminar was a thoughtprovoking
presentation by
B.J. Srinath, Senior Director,
CERT-in, Ministry of
Communication &
Information Technology,
Government of India, who
not only gave an overview of
India's efforts towards building cyber
security but also touched upon the
subject of security on a rather
philosophical plane. In a light-hearted
talk that evoked much appreciation
from the audience, Srinath said that
there was nothing like "absolute
security". It is only a question of
increasing our comfort level about
security. Srinath observed that while
formulating security measures, 80 per
cent of the solution comes from
"common sense" while another 15 per
cent is the contribution of technology.
There will always be a small component
that is beyond one's control.
Highlighting a paradox about security
that attracted bouts of laughter, Srinath
said, "Deciding that I am at low risk is
itself the biggest risk!"
|