To address the pressing issue of cybersecurity in the energy sector, USAID, through its SAREP program, organised a workshop on ‘Cybersecurity Posture Assessment for Power Utilities’ in Assam on October 12. It was held in partnership with the Ministry of Power, Government of India and was attended by key officials from Assam Electricity Grid Corporation Ltd. and State Load Despatch Centre, Assam.
The workshop focused on the significance of cybersecurity and the practical steps needed to bolster defences for the energy sector. Participants discussed the global cybersecurity landscape, including real-world cyberattacks on energy infrastructure. Dr Faruk Kazi, Advisor, SAREP, highlighted incidents in India, emphasizing the urgent need for robust cybersecurity practices in the power sector. Participants were encouraged to closely monitor network traffic, keep IT and OT networks separate, and make informed device procurement decisions.
The Cybersecurity Posture Assessment Tool (CPAT) developed by SAREP was also introduced at the workshop. This tool, designed specifically for Asian power utilities, assists in identifying and addressing cybersecurity requirements in the region. It covers key domains: risk identification, asset protection, threat detection, incident response, and effective recovery measures. Power utilities can use CPAT to evaluate their existing cybersecurity measures, identify vulnerabilities, and implement necessary improvements to fortify their defences.
The workshop concluded by underlining the evolving nature of cybersecurity and the need for continuous adaptation. It emphasized the importance of involving stakeholders, aligning policies with risk tolerance, maintaining updated documentation, and raising employee awareness about their roles in ensuring physical security and responsible data handling. These measures are essential to safeguard the energy sector from cyber threats and disruptions effectively.
On October 13, as part of the cybersecurity workshop, participants conducted field visits. They started with a visit to the State Load Despatch Centre (SLDC) to observe its operations and security measures. Subsequently, they toured a Transmission Substation to gain a first-hand understanding of critical infrastructure and its vulnerabilities.
Agenda: