SRINAGAR: Chief Secretary, Atal Dulloo, today chaired a meeting to review the Cyber Security Action Plan for J&K, aimed at strengthening the UT’s defense against the emerging cyber threats and ensuring the protection of critical digital infrastructure.
The meeting was attended by Secretary, IT Department; CEO, JaKeGA; State Informatics Officer, NIC; senior officers from civil administration and police and other departmental representatives.
The review formed part of the government’s regular follow-up on security measures being implemented to safeguard the digital assets of the administration, protect sensitive data and promote cyber hygiene across the departments.
The UT administration has adopted a mix of rapid-response measures, structural reforms and long-term capacity-building initiatives to ensure uninterrupted delivery of e-Governance services.
During the meeting, the Chief Secretary took stock of the actions taken in line with his earlier directions and reiterated the government’s unwavering commitment to creating a secure, modern and resilient digital ecosystem. He stressed that no compromise should be made in securing the IT infrastructure of the UT.
The key initiatives that were reviewed included the Cyber Security Contingency Plan (CSCP).
Secretary IT, Dr. Piyush Singla, informed that a detailed proposal has been prepared and submitted to the Ministry for Electronics and Information Technology (MeitY) for approval.
With respect to ensuring endpoint and device security, it was revealed that over 4,500 devices have been secured with Endpoint Detection and Response (EDR) solutions and more than 2,300 with Unified Endpoint Management (UEM) tools. The process is ongoing in major HoD offices and DC offices.
Another security measure taken is the restricted VPN Access. It was informed that the VPN usage is now limited to multi-factor authenticated users, with geo-fencing enabled to restrict access within India.
On the website security audits, it was revealed that of the 239 government websites, 140 have been restored post-compulsory security audits in compliance with CERT-In and OWASP norms, along with deployment of web application firewalls.
Additionally, it was informed that standard protocols are being enforced across the departments, unused domains are rationalised and cyber hygiene are being actively promoted across the departments.
Moreover, the meeting discussed the progress on merger of departmental data centres into a single, centralized State Data Centre (SDC). It was given out that the task would be completed within six months to ensure uniform security standards and operational efficiency across all these offices and departments.
In addition, augmentation of SDC in Jammu is also being worked out. The capacity for 300 racks (100 racks in the first phase) is being created with Tier III/IV compliance and high redundancy. A dedicated Network Operations Centre (NOC) and Security Operations Centre (SOC) are being planned for real-time cyber threat monitoring in J&K.
About the IT Asset Census, it was revealed that thirteen departments have already submitted details of their IT infrastructure for comprehensive mapping.
The implementation of secure web protocols for video conferencing, transition from IPv4 to IPv6, disabling and white listing of USBs, rollout of e-SAM and capacity building in collaboration with CERT-In were debated threadbare as some other measures taken to ensure cyber security.
The meeting also emphasized awareness and training, with initiatives like Cyber Jagroota campaigns, awareness workshops and training sessions being conducted in both online and offline modes to sensitize the employees about safe cyber practices.
The Chief Secretary appreciated the progress achieved and directed the departments to expedite the pending measures to strengthen J&K’s cyber resilience.