Railroad Troubleshooters to Help Fight Cybersecurity Breaches
Following a directive from Prime Minister Narendra Modi to all government departments to select personnel with technical skills for the job and train them in cyber security, Indian Railways has begun to identify problem solvers to address online security breaches.
The prime minister’s directive followed an alarming increase in the number of breaches and attempted breaches of government computer systems. In an order sent to all Indian Railways general managers, the Railroad Board noted that the national carrier had switched most of its operations to an information and communication technology (ICT) platform and highlighted the need to safeguard critical information.
“It has been observed that, in recent times, there has been an alarming increase in the number of breaches / attempted breaches of the ICT infrastructure of government organizations. The Government of India, at the highest level, is also aware of the need to adequately and appropriately secure the ICT infrastructure, ”the Railway Board said in the order, a copy of which has been reviewed by HT.
“Therefore, it has been decided that a certain force of officials from each Railway Unit with aptitude in hardware, software, networks and ICT compliance can be identified to form the group of that Unit, to begin with. This group would work under the general supervision of the designated CISO (director of information security) of the Railway Unit, ”the order said.
The Prime Minister, during a presentation on the National Cybersecurity Strategy 2020 on September 1, said: “Each ministry has some staff with technical skills. These must be identified and trained in cyber security courses within six months. These should form the cybersecurity core of that ministry. “
In recent times, railways have had to deal with a large number of cases where illegal applications were used to book tickets, bypassing the railroad firewall. While many of those rackets have been destroyed by the Railway Protection Force (RPF), newer technology replaces them.
In November, the secretary (Security) in the Cabinet secretariat called a meeting to finalize the roadmap for the implementation of the PM directive, according to the order of the Railroad Board.
According to the minutes of the meeting on the 2020 National Cybersecurity Strategy, reviewed by HT, these officials will be trained in both practical and theoretical aspects of cybersecurity through a course prepared by the Ministry of Electronics and Information Technologies of about six to eight. hours. For advanced training, officers who are technically qualified or have the necessary cybersecurity or information technology aptitude will be identified.
Training according to the note should allow officers to “troubleshoot.”
The Railroad Board has also assigned nominations for each rail unit. While the zonal railroads have been assigned eight such officers each for generic training and four for advanced courses, the public sector rail companies have four nominees for their regular training courses and two for advanced courses.