The Ministry of Electronics and Information Technology (MeitY), in collaboration with the Government of Uttar Pradesh, successfully conducted a two-day Cyber Security Workshop in Lucknow this week. This initiative, part of the National e-Governance Division’s (NeGD) training program, brought together key state officials and cybersecurity professionals to fortify the state’s digital infrastructure against cyber threats.
Held at Yojana Bhawan, the workshop saw the attendance of over 150 government officials, including Chief Information Security Officers (CISOs) and Deputy CISOs from various departments. The training covered critical areas in cybersecurity, such as identity management, data protection, application security, and cyber crisis management.
In her role as Managing Director of UPDESCO and State CISO, Neha Jain highlighted the responsibility UPDESCO holds as the nodal agency for cybersecurity in UP. “Our goal is to ensure that citizens’ data is safeguarded and remains private. We work closely with CISOs and Deputy CISOs across state departments to establish security protocols, manage hardware and software inventory, and secure all IT governance frameworks,” she shared. Jain also underscored that UPDESCO coordinates training and awareness on data security practices across departments to enhance resilience against cyber risks.
Vendor Security and Adherence to CERT Guidelines
One key aspect of UPDESCO’s cybersecurity strategy is ensuring third-party vendors follow secure coding and design standards. In response to a question about vendor accountability, Jain stated, “At UPDESCO, we prioritise the Secure by Design framework, ensuring that our vendors embed security into the development process. We are organising a workshop to familiarise vendors with cybersecurity guidelines from CERT, specifically around secure code development practices, which is crucial to strengthening the overall security of our projects.”
Challenges in Cybersecurity Talent Acquisition
Addressing the broader challenges of building a skilled cybersecurity workforce, Jain identified the shortage of specialised cybersecurity personnel as a significant barrier. “Cybersecurity is a very specialised domain, and the lack of skilled personnel is a nationwide challenge. While we have tech-savvy professionals, many lack specific knowledge of advanced cybersecurity practices,” she noted, stressing the importance of training in building a cybersecurity-aware workforce within state departments.
Cyber Crisis Management Plans for Organised Responses
The workshop also focused on Cyber Crisis Management Plans (CCMP), essential for organised responses to cyber incidents. Jain explained that the CCMP functions similarly to a disaster management plan, outlining the procedures to be followed during a cyber incident. “When a natural disaster strikes, we have a response plan in place. Similarly, for cyber threats, we prepare by defining key personnel, securing our Security Operations Center (SOC), and developing robust backup plans. This helps us ensure the confidentiality, integrity, and availability of government services,” she added.
Artificial Intelligence in Cybersecurity
As cyber threats evolve, UPDESCO is also leveraging AI to enhance its cybersecurity capabilities. Jain discussed the growing role of AI in protecting e-governance systems, noting that threat actors are increasingly using AI to create more sophisticated attacks. “Our defence needs to be equally sophisticated. AI helps us analyse patterns in large data sets, identify repeated probing from malicious actors, and block these threats in real-time,” she explained. This proactive approach allows the state to detect unusual behaviour and potential threats before they can escalate.
Positive Response and Participation
The workshop received a highly enthusiastic response from attendees. Jain described the high level of engagement, noting, “The Chief Secretary attended for over an hour, and the Information Secretary stayed for nearly four hours on the first day. By the end of the second day, the hall was still full, with officers eager to learn and participate in discussions.” Several departments expressed interest in specialised cybersecurity training sessions, highlighting a growing recognition of cybersecurity’s importance in public administration.
Inaugurating the event, UP’s Chief Secretary, Manoj Kumar Singh, underscored the importance of cybersecurity in protecting citizens’ data and the state’s digital infrastructure. “As digital services continue to expand, it is crucial to ensure robust cybersecurity to protect government data and citizens’ information,” he stated.
Through this workshop, NeGD and UPDESCO under the supervision of IT&E Department, UP, aim to fortify the state’s cybersecurity framework, ensuring that UP’s digital infrastructure is resilient, efficient, and capable of supporting secure, citizen-centric e-governance services. This initiative aligns with the Digital India mission’s goal of creating a cyber-resilient public sector that prioritises data security and the delivery of reliable public services.