With rising cases of cyberattacks that have at times impacted operations of companies and brought them to a halt, the Employees’ Provident Fund Organisation plans to set up an in-house next generation security operations centre (SOC).
To be located in its National Data Centre in New Delhi’s Dwarka, the centre would be manned by a team of security professionals and would be responsible for monitoring, analysing, responding and protecting its IT assets and services like servers, network traffic (WAN, LAN, Local, Internet), endpoints, databases, web apps and user identities for any signs of potential security incident.
To this end, the EPFO has floated an expression of interest and has sought bids from firms with expertise in SOC implementation and commission for implementing, commissioning and managing the such a centre for the retirement fund manager.
“Keeping in view the regulatory requirements in India (CERT-In, NCIIPC) and increasing innovative cyber threats and malwares, threats emanating from emerging technologies like AI/ML, block chain, bots, dark webs, social engineering, cloud etc., it has been decided to setup a 24x7x365 basis operating state-of-the-art Next Gen Security Operations Centre (SOC) for proactive monitoring as also predicting cyber-attacks (internal and external) on the EPFO’s IT environment,” the EPFO said in the EoI.
The bidder will be expected to provide skilled manpower for a five-year period as well as establish, operate and maintain the centre. At a later phase, the firm will also have to incorporate it with Cert-In, which is the Indian Computer Emergency Response Team set up under the Ministry of Electronics and Information Technology.
The move by the EPFO comes in the wake of cyber attacks on entities such as AIIMS Delhi and the e-Nagarpalika portal of Madhya Pradesh.
The EPFO is one of the world’s largest social security organisations in terms of clientele and the volume of financial transactions undertaken and maintains 24.77 crore accounts of its members. A cyber attack could not only impact its day to day operations but also lead to unauthorised access of user data.
This post was originally published on 3rd party site mentioned in the title of this site
