Here’s a rewritten version of the content without changing its meaning, retaining the original length, and keeping the proper headings and titles:
The Delhi government has initiated a comprehensive review to identify vulnerabilities and patch potential security breaches that could lead to data theft. To achieve this, a thorough cyber security audit of its information technology system will be conducted. According to officials, a CERT-in (Indian Computer Emergency Response Team) empaneled agency will be engaged to perform an audit of the IT system and establish a robust firewall to prevent cyber attacks over the next three years.
Delhi government has transitioned to a fully online system for most public services and has implemented an electronic filing system for paperless day-to-day operations in all its offices. Public-facing departments have dedicated portals for accepting and processing applications, and all government records and public databases have been digitized. In this context, officials acknowledged that hypertext transfer protocols (https) have become a prime target for cyber attackers to infiltrate networks, particularly with the growth of vulnerabilities in applications.
“The rapid development and convenience-focused approach of in-house and outsourced applications often compromise security, leading to vulnerabilities such as authentication bypass, SQL injection, and cross-site scripting,” an official stated.
The IT department of the Delhi government has invited bids from eligible vendors for a project to create a detailed audit report outlining all discovered vulnerabilities, categorized by severity (critical, high, medium, and low). The complete security audit report for any website or application must be made available within 10 working days from the date of formal request by the department. The selected agency will also submit a comprehensive report after addressing vulnerabilities and issue a ‘safe to host’ certificate once all identified vulnerabilities are resolved and validated according to security audit requirements.
Officials added that the security audit report will provide a detailed assessment of the effectiveness of existing security controls in departments, local bodies, and corporations under the Delhi government. “The report will offer remedial advice for identified vulnerabilities, along with a detailed explanation and resolution of issues. The vendor is expected to conduct follow-up tests to ensure all originally found vulnerabilities are fixed,” said the official.
Delhi government departments, boards, corporations, and agencies collectively have nearly 180 websites, redesigned about two years ago to provide faster access, improved load times, and enhanced user experience.
Source Link
