The POWERGRID Centre of Excellence (CoE) in Cybersecurity has been established at the Indian Institute of Science (IISc), Bengaluru to advance research and development in cybersecurity for power grid operations and transmission systems. The initiative is part of India’s broader effort to build a resilient and secure power ecosystem.

To strengthen cyber readiness across the sector, the Central Electricity Authority (CEA) issued the Cyber Security in Power Sector Guidelines, 2021, creating a comprehensive cyber assurance framework and governance structure for all power entities. Further, the draft CEA (Cyber Security in Power Sector) Regulations, 2025 are in the final stages of preparation and will provide a more detailed security framework once notified.

The Ministry of Power established the Computer Security Incident Response Team – Power (CSIRT-Power) on 5 April 2023 at CEA as an extended arm of CERT-In. CSIRT-Power supports utilities in detecting, responding to and managing cyber incidents, and in strengthening overall preparedness. The Ministry has also created six sub-sectoral Computer Emergency Response Teams (CERTs) covering Thermal, Hydro, Transmission, Grid Operation, Renewable Energy and Distribution. Each CERT is developing a dedicated Cyber Crisis Management Plan (C-CMP) for coordinated mitigation during cyber-attacks.

In Gujarat, the Gujarat Energy Transmission Corporation Limited (GETCO) has implemented a comprehensive cybersecurity framework, including strict access controls, enhanced endpoint protection, encrypted communications, next-generation firewalls between Remote Control Centres and the State Load Despatch Centre (SLDC), and upgraded antivirus systems to prevent malware.

Importantly, over the past five years, no cybersecurity breaches or successful attacks have been reported in the operational systems of the National Load Despatch Centre (NLDC).

Periodic cybersecurity audits are conducted across the power sector under the 2021 CEA Guidelines, carried out by CERT-In–empanelled third-party auditors. At the NLDC, nine assessments of IT infrastructure and five assessments of Operational Technology (OT) systems have been completed in the past five years, including SCADA and related systems. Similar audits are routinely conducted across all SLDCs, covering IT, OT and critical systems such as SCADA and the Unified Real-Time Dynamic State Measurement (URTDSM) platform.

These initiatives collectively strengthen India’s power sector resilience, ensure secure operations and reinforce national preparedness against evolving cyber threats.