CSO100 Award 2019
CSO100 Award 2018
As CISO at Tata Power Delhi Distribution, Dharmendra Kumar played a key role in simplifying security operations and leveraging information and communication technology to enhance the safety and security of grids and other critical installations spread across the company's electricity distribution network.
KEY SECURITY INITIATIVES
Tata Power Delhi Distribution faced a business requirement to develop a secure architecture. Separate encryption keys for users and end devices were rolled out and a robust key lifecycle protocol was followed to ensure destruction of keys as per industry standards. Among the challenges faced by the company, Kumar pointed out that the skillset required to deploy hardware security modules is limited. Also, integration with other apps is a complex process. The power distribution major implemented a Public Key Infrastructure (PKI) for authentication of smart meters, based on a Hardware Security Module (HSM). Kumar highlighted that securing this two-way line of communication was imperative, and would require a solution for authentication and device attestation to ensure the integrity of the grid. Additionally, an IPv6 based RF-mesh network was deployed and a firewall was installed at the collector's end. Kumar believes that this solution will benefit Tata Power-DDL achieve a secure, mature and process-oriented system. The company ensured secure registration by enforcing that all network devices must be successfully authenticated using PANA (Protocol for Carrying Authentication for Network Access). Tata Power-DDL is compliant with NIST, FIPS, and NERC standards.