Tata Power Delhi Distribution Limited, a pioneering power utility supplying electricity to a populace of over 7 million in North Delhi has been successfully empanelled by the Indian Computer Emergency Response Team (CERT-In) for providing information security auditing services. With this empanelment, it becomes the first power distribution utility company in the country to have received this status.
Tata Power-DDL’s push to offer its cybersecurity services comes at a time when cyber-attacks have become a serious threat to most organisations. India witnessed a surge in cyber-attacks following the lockdown imposed in 2020. According to a recent government data, the country reported 1.16 million cybersecurity cases in 2020, which is three times more than 2019.
Speaking on this achievement, Mr. S Samanta, Chief- Information Technology, Tata Power-DDL said, “With an increase in the internet usage, there is a rise in the number of cybersecurity incidents in the country. Therefore, implementation of information security best practices to proactively manage and mitigate cybersecurity risk becomes critical.”
“The CERT-In empanelment commends our commitment to innovation and responsiveness to industry needs. It is a major milestone in our journey to becoming the preferred partner for enterprises when it comes to security, which is a top priority in today’s digitally connected world. We are happy to be amongst the list of empanelled organizations and look forward to working with various government/corporate and PSU entities”, he added.
The empanelment ‘Information Security Auditing Organisation’ (ISAO) is in accordance with ‘the terms and conditions of empanelment’ as issued by CERT-In from time to time which shall provide an opportunity to Tata Power-DDL to promote the information security auditing standards in the industry and geography. With this empanelment, the company will be able to conduct information security audits for various government and public sector enterprises in addition to its corporate entities. The company will also offer professional services including penetration testing, vulnerability assessment, network security audit, web application security audit, wireless security audit, compliance audits (ISO 27001), ICS/OT audits, IT security policy and documentation, phishing campaign, architecture review, and source code review. The professional services extended will help in identifying the risks while recommending adequate controls to maintain the cybersecurity posture of the organisation against internal and external threats.
