Railways troubleshooters to help fight cybersecurity breaches
Following a directive by Prime Minister Narendra Modi to all government departments to pick personnel with a technical aptitude for the job and train them in cyber security, Indian Railways has begun identifying troubleshooters to tackle online security breaches.
The Prime Minister’s directive followed an alarming increase in the number of breaches and attempted breaches of government computer systems. In an order sent to all general managers in Indian Railways, the Railway Board noted that the national transporter had shifted the bulk of its operations to an Information & Communication Technology (ICT) platform and stressed the need to safeguard critical information.
“It has been observed that, in recent times, an alarming increase has been seen in the number of breaches/attempted breaches to ICT infrastructure of Govt Organisations. The Government of India, at the highest level, is also seized of the need for adequately and appropriately securing the ICT infrastructure,” the Railway Board said in the order, a copy of which has been reviewed by HT.
“It has, therefore, been decided that certain strength of officials from each Railway Unit with aptitude in ICT hardware, software, networking and compliances may be identified for forming the group for that Unit, to begin with. This group would work under the overall supervision of the nominated CISO (chief information security officer) of the Railway Unit,” the order stated.
The PM, during a presentation on the National Cyber Security Strategy 2020 on September 1, said: “Every ministry has some personnel with technical aptitudes. These are to be identified and trained in cyber security courses within six months. These should then form the cyber security nucleus of that ministry.”
In recent times, the railways has had to deal with a slew of cases in which illegal applications were used to book tickets, bypassing the railway firewall. While many such rackets have been busted by the Railway Protection Force (RPF) , newer technology replace those.
In November, a meeting was convened by the secretary (Security) in the Cabinet secretariat to firm up the roadmap for implementation of the PM’s directive, the order from the Railway Board stated.
According to the minutes of the meeting on the National Cyber Security Strategy 2020, reviewed by HT, these officials will be trained in both practical and theoretical aspects of cyber security through a course prepared by the ministry of electronics and information technology of around six to eight hours. For advanced training, officers who are technically qualified or and have a requisite aptitude for cyber security or information technology will be identified.
The training according to the note should enable officers to “troubleshoot”.
The Railway Board has also allotted nominations for each railway unit. While the zonal railways have been assigned eight such officers each for generic training and four for the advanced courses, railway public sector undertakings have four each nominated for its regular training courses and two for advanced ones.