Chief Secretary Atal Dulloo convened a high-level meeting to review and enhance the cyber security framework for the government assets and websites in the Union Territory, marking a significant step towards fortifying the digital infrastructure.

The comprehensive discussion underscored the paramount importance of robust cyber resilience in the digital age.

The meeting was attended by all the administrative heads; Inspector General, Crime; Commissioner, JMC and SMC; SIO, NIC and other concerned senior officers.

The Chief Secretary unequivocally emphasized the urgent need to revive all the government websites and web applications, previously rendered offline due to non-compliance with the essential audit and security parameters. He maintained that the prolonged shutdown of these critical digital platforms, even for security reasons, could not be taken for granted and directed for immediate measures for the earliest restoration. He enjoined upon the IT Department to submit the compliance reports from all departments every three days, specifically on Mondays and Thursdays.

Conducting a department-wise assessment of currently offline websites and applications, Dulloo directed the National Informatics Centre (NIC) and IT Department to take immediate action to restore these vital services online.

In a strong push for enhanced data safety and security, the Chief Secretary impressed upon all the concerned authorities to restrict the official communications exclusively to authorized government email addresses, imposing a strict ban on the use of private email IDs for official business. He reiterated that the security of government data and cyber assets is non-negotiable and brooks no compromise.

Furthermore, he directed the swift migration of mini data centers, currently used by offices such as JPDCL, KPDCL and SICOP, to more secure and centralized facilities for enhanced safety and security management.

Dulloo also assessed the proactive measures being undertaken by the IT Department and NIC to ensure overall safety of the Union Territory's digital assets and websites.

The meeting also emphasized continuous capacity building for the officers and officials to promote a culture of cyber hygiene.

The Chief Secretary stressed that this process must be ongoing, with creation of dedicated 'master trainers' within each department to disseminate the best practices. He directed for implementation of long-term strategic measures to ensure the government's digital systems remain secure for the foreseeable future.

Providing an update on the department’s initiatives, Secretary IT, Piyush Singla, informed the Chief Secretary that a two-day workshop on cyber security had recently been organized in J&K, attended by approximately 250 officers.

Singla highlighted that numerous additional steps are underway to enhance the capacity of government officers. He added that Chief Information Security Officers (CISOs) or Information Security Officers (ISOs) have been nominated within each department to safeguard the IT assets.

It was further revealed that approximately 110 websites are currently undergoing various phases of security audit, with 45 of them in their final stage, poised to go live soon.

The Secretary IT reiterated that every website or application must strictly comply with CERT-In and OWASP guidelines before being brought back online.

In terms of technical safeguards, it was reported that Endpoint Detection and Response (EDR) solutions have been installed on 4011 devices and Unified Endpoint Management (UEM) solutions on 1617 devices to date, ensuring the end-user safety.

 Moreover, comprehensive measures such as VPN security, geo-fencing, port security, alongside robust firewall and router policies, have been adopted across the board to achieve enhanced cyber protection objectives.