The supply of water, electricity, gas, mineral oil and heat is essential to the population and the economy - and therefore to the well-being of the state. For this reason, utility companies are subject to specific conditions under the National Critical Infrastructure Protection Strategy (CRITIS).
The secunet security infrastructure is a concept by secunet, which allows the conflicting requirements of network separation and networking to be handled in an equally efficient manner, thus effectively safeguarding the providers' infrastructures. The approach is based on the intelligent use of separation techniques: Isolated security domains are created and connected selectively by means of intelligent security measures. The technological implementation relies on the organisational structuring of the respective security domains.
If an emergency nevertheless occurs, a mature concept must be in place and ready to be implemented. It is important to restore the failed systems to normal operation as quickly as possible. A security audit for control and automation systems based on ISO/IEC 27001 (e.g., based on the German "IT-Grundschutz" and ISO/IEC TR 27019) examines existing security measures and recommends action to further increase the security level. An Information Security Management System(ISMS) must be in place together with a risk management system and security concepts to ensure continuous traceability and control as laid down by rules and regulations, such as UP-CRITIS, EnWG, the BDEW-white paper, data protection laws, the upcoming German IT Security Act, etc.
Not only do we help water and energy supply companies implement an effective and efficient IT security strategy, we also work very closely with manufacturers and integrators to further develop their products and solutions.