Amid rising cyber threats to critical infrastructure, Bangalore Electricity Supply Company Ltd (BESCOM) has called bids for a dedicated cyber security operations centre (C-SOC) to protect its operations and infrastructure.
The utility recently floated a tender to design, deploy and operate an integrated C-SOC to cover both its information technology (IT) and operational technology (OT) systems. The facility will come up at BESCOM’s head office in Bengaluru’s KR Circle.
“This is the first time we are setting up a Security Operations Centre equipped with AI and machine learning tools. Critical infrastructure is now a prime target for digital sabotage,” a senior BESCOM official told Moneycontrol on condition of anonymity.
“This becomes more important as we expand smart meters and automate the distribution network. So far, we have faced only minor cyberattacks, but we expect them to increase as we further digitise our operations.”
The estimated cost of the project is around Rs 30 crore. Of this, about Rs 3.6 crore has been earmarked for initial setup and licensing, Rs 16.1 crore for maintenance and technical subscriptions, and Rs 9.9 crore towards manpower. BESCOM distributes electricity across eight districts in Karnataka, serving more than 20 million people.
The C-SOC will integrate with BESCOM’s infrastructure, including mobile and web applications and services hosted on public cloud. It will monitor events such as port and vulnerability scans, password-cracking attempts, malware outbreaks, unauthorised system access, intrusion attempts and denial-of-service (DoS/DDoS) attacks, the tender document said. SOC will adopt a layered architecture with clear segregation between corporate IT systems and field-level OT networks to minimise the risk of cross-network compromise.
The system will rely on AI/ML-driven analytics, behavioural monitoring and threat intelligence feeds to detect anomalies, hunt threats and trigger automated responses. Logs from servers, endpoints, OT controllers, IoT devices and cloud platforms will be analysed in real time.
The selected firm will handle end-to-end implementation, including infrastructure, software tools and staffing. The operations centre will include analyst workstations, a video wall for real-time monitoring, secure server rooms with firewalls and intrusion detection systems, storage infrastructure and redundant network connectivity.
