Airtel Business has secured a multi-year contract from the Indian Railway Security Operations Centre (IRSOC). The contract focuses on delivering comprehensive security services to protect the digital backbone of India's railway network. This project will enhance data security for over 1 billion Indians who use the railway services for ticket booking, payments, and train tracking.
The country’s railway services carry serious national significance. The network runs over 13,000 trains daily, serves more than 20 million commuters, and transports over 1.5 billion tons of freight each year. Safeguarding this flow of critical data, including sensitive customer identities, payment details, and key operational databases, constitutes a major defence requirement against intensifying cyber threats.
Centralised Security Architecture
Airtel Business must design, build, and operate a greenfield, multi-layered cybersecurity protection ecosystem that will serve as a resilient defence barrier. This Security Operations Centre (SOC) will function 24 hours a day, seven days a week, every day of the year. The technology stack includes market-leading technologies. It also mandates the use of "Make in India" cybersecurity products to deliver a sovereign, fully compliant, and AI-embedded security ecosystem.
IRSOC established the contract to provide a centralised SOC. This centre will continuously monitor assets, detect and respond to threats effectively, gather threat intelligence, and ensure proper collaboration with National Cyber Security Agencies.
Scale and Technical Requirements
The scope requires Airtel Business to secure an expansive database and safeguard end-to-end digital operations. These operations include 160,000 employees distributed across 26 locations.
The security architecture must provide several key functions:
- Asset Management: The system must manage patch and vulnerability issues for over 190,000 critical infrastructure assets and devices spread across 26 locations.
- Threat Detection: AI-driven Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), and User and Entity Behaviour Analytics (UEBA) systems will monitor, predict, and neutralise threats in real time. These systems aim for a Mean-Time-To-Detect (MTTD) of less than 20 seconds.
- Endpoint Protection: An AI-driven Endpoint Detection and Response (EDR) solution must ensure continuous monitoring and security for all endpoints.
- Visibility and Access: The system provides unified compliance and visibility through a centralised dashboard across all integrated security tools and locations. Furthermore, it includes firewalls, routers, MPLS networks, and credential safeguards to secure mission-critical applications.
Airtel Business CEO Sharat Sinha confirmed the company will deliver a security layer that advances security capabilities in ticketing and data management. Dilip Kumar, EDIP, Railway Board, stated that the centralised divisions will streamline the maintenance of information technology assets. This security upgrade shields all railway digital operations from evolving cyber threats while delivering safe services to millions of daily railway commuters.