EPFO To Introduce Next-Gen Security Operations Centre (SOC) To Counter Cyber-Attacks

In light of the rising incidence of cyber threats and regulatory requirements from bodies such as CERT-In, MeitY, and NCIIPC, the Employees' Provident Fund Organisation (EPFO) has decided to establish an in-house Next Generation Security Operations Centre (SOC) at its NDC Dwarka premises. Given the growing landscape of unique cyber threats and malware, including threats originating from emerging technologies such as AI/ML, blockchains, bots, the dark web, social engineering, and cloud, the state-of-the-art SOC will operate around the clock, 24/7/365, to facilitate proactive monitoring and forecasting of both internal and external cyber-attacks on EPFO's IT environment.

The EPFO SOC will first be implemented for the NDC, DR, and DC locations. Once the SOC is stable and mature, more stakeholders or state services may be added, depending on the successful bidder's scope of work. Under a five-year contract (three years, extendable by two years), EPFO will provide, install, test, commission, and manage Next Gen SOC technologies collaboratively. Pratik Vaidya, MD & CVO of Karma Global, a tech-enabled HR staffing and compliance organization, has shared his views on the development.

EPFO

The Employees' Provident Fund Organisation (EPFO) is the world's largest social security organization in terms of the volume of transactions undertaken and the number of clients it has on board. It currently maintains 24.77 crore member accounts. The schemes under this act, administered by the Central Board of Trustees (CBT), are (1) a contributory provident fund, (2) a pension scheme and (3) an insurance scheme for the workforce engaged in the organized sector in the country.

Reaction & Opinion By Pratik Vaidya On EPFO Next Gen SOC

The recent news that EPFO is going to engage some professionals in the light of the rising number of cases of cyberattacks is a positive step in the right direction which should have been done earlier, but nevertheless, going forward, this perhaps will be a good move to set up an in-house next-generation security operations centre (SOC) to be manned by a team of highly competent security professionals on a 24x7x365 basis. My fear is that if precautions are not taken, these cyber threats can infiltrate any system or tamper with the mechanism, resulting in revenue loss, workflow disruption and reputational damage.

I think that cloud-based security analytics and operation technologies are being used by many enterprises in Western countries, and 7 in 10 organizations surveyed have implemented security information and event management (SIEM) platforms, 64% have used threat intelligence, and the same proportion have used endpoint detection and response (EDR) tools. Efforts should be accelerated with greater emphasis on security controls preventing network penetration, and at the same time, internal security management should be beefed up and all-out efforts should be made to stop data leaks, including third-party leaks.

What EPFO has undertaken to have round-the-clock and round-the-year monitoring is a noteworthy approach and is highly commendable given the size of its transactions and the volumes
