ABOUT CYBER SECURITY DIVISION

Department of Governance Reforms (DGR) is the nodal agency within state to deal with cyber security incidents, threats like hacking and phishing and for security audit & cyber security related issues. To conduct security audit of applications (PSDC) and to establish and manage relationship with CERT-IN for co-ordination and response during cyber threats.

In case of any cyber security incident occur within Punjab state, it should be escalated to Chief Information Security Officer at state level by the statutory bodies (CERT-IN / NCIIPC etc.) created out of IT Act 2000.

DGR has recently formed a Cyber Security Division headed by Chief Information Security Officer (CISO), Cyber Security Expert with technical qualification and skill sets based on empanelled criteria guidelines issued by CERT-In.

Cyber Security Team will prepare guidelines, advisories, vulnerability notes and whitepapers relating to information security practices, procedures, prevention, response and reporting of cyber incidents to Punjab state departments.

OBJECTIVE

Vision

  • To act as a nodal agency for security audit & cyber security related issues for hosted application of Govt. of Punjab Departments within PSDC.
  • To conduct Security Audit and to establish and manage relationship with CERT-IN for co-ordination and response during cyber threats.
  • Being a govt. back body DGR will act to mitigate the time lag on conducting the security audit of systems of govt. of Punjab depts. and other organizations.

Mission

  • Prepare guidelines, advisories, vulnerability notes and whitepapers relating to information security practices, procedures, prevention, response and reporting of cyber incidents.
  • To perform Security Audit of Application(s), Portal(s), Website(s) for Punjab State govt. departments applications hosted within PSDC.
  • Security Quality management services in the form of cyber security audits, promotion of best practices and cyber security exercises/drills.
  • To issue certification for secure hosting within Punjab State Data Centre.

Security Audit Services

What we do

VULNERABILITY ASSESSMENT

Vulnerability assessment is the process of identifying and evaluating potential security weaknesses in a system, network, or application to determine the level of risk they pose to an organization.

PENETRATION TESTING

Penetration testing is a process of assessing the security of computer systems or networks by simulating an attack from a malicious actor to identify vulnerabilities and weaknesses that could be exploited.

SECURITY & COMPLIANCE AUDIT (ISO/IEC 27001)

ISO/IEC 27001 (Security & compliance ) audit is globally recognized standard for creating, implementing, maintaining, and improving an information security management system (ISMS) in an organization.

SECURE CONFIGRATION AUDIT

Secure configuration audit is an assessment process that evaluates the configuration of an organization’s systems and devices to ensure they meet security standards and best practices.

IT INFRASTRUCTURE AUDIT

A comprehensive assessment of an organization’s technology infrastructure, including hardware, software, networks, and data centers, to evaluate its effectiveness, efficiency, and security.

APPLICATION AUDIT

An application audit (Website / Intranet Portal/ Mobile apps) is a process of reviewing and evaluating the security, functionality, and performance of an application to identify and mitigate potential risks and vulnerabilities.

Security Audit Process

Below is the approach and methodology for Security Audit of all application hosted within PSDC:

Note * Applications having valid Third-Party Audit or No Certificate required to go through complete process for Secure hosting in Production of PSDC)

What's
New

Write to us

For Security Audit

Please reach out Punjab Cyber Experts
for your customize Security Audit requirments

Write Us