Utilities today are largely controlled by information and communication technologies. To ensure continuous availability, protecting IT networks from cyber attacks is the top priority. The IT Security Act 2.0 provides the legal framework. Thus, IT security becomes a business necessity.

Offering CRITIS solutions


Edge Computing, Network Security, Remote Maintenance and Industrial IOT


Prevention and detection of cyber attacks


Remote maintenance with security - for operators, service providers and manufacturers


The key to secure digital processes


We support you in setting up an ISMS according to IT-Grundschutz, developed by the BSI as a flexible modular system.


For secure entry into cloud computing through simple and trustworthy provisioning of resources


Multi-factor authentication for web services

safe surfer

secunet safe surfer secures the biggest gateways for malware: Web access and phishing e-mails.

View solution

Offering CRITIS consulting


Our IT Forensic division offers a group of reactive services that you can call upon at short notice in the event of an emergency.


We support you in setting up an ISMS according to IT-Grundschutz, developed by the BSI as a flexible modular system.


Disruptions and crises can hit a company at any time. The best protection lies in prevention.


Digitization, cloud computing, and big data pose increasingly complex challenges for data protection.

Awareness Training

The goal of the awareness program: employees recognize the benefits of cyber security and change their behavior on their own.

Audits & Analysis

Support in audit preparation and monitoring in the context of certification audits.

Penetration testing

Key components of a sustainable IT security strategy


IT security architectures

IT security concepts

Secure software development



Protection for utilities


IT security plays a key role in data processing for the purpose of digital value creation. The availability and functionality of the supply process must be maintained, and confidentiality must be protected. Both technical and organizational measures help to ensure that IT and OT are adequately protected. secunet provides comprehensive support for utilities in implementing technological developments or legal requirements - with consulting, products and services.


Icon Energie secunet

Utilities in the electricity, gas, mineral oil, district heating sectors

Icon Wasser secunet

Operators in the drinking water supply and wastewater disposal sectors

Icon Abfallwirtschaft secunet
Waste Management

Operators in the waste treatment and waste transport sectors

Icon Ernährung secunet

Food manufacturers and distributors


Protecting and securing IT- and OT-based utility business processes.

IT security plays a key role in data processing for the purpose of digital value creation. It is important to maintain the availability and functionality of the supply process and to protect confidentiality. Both technical and organizational measures help to ensure that IT and OT are adequately protected. Products, consulting services and services from secunet provide an essential basis for establishing high-quality IT and OT security for service providers in supply areas.

Site networking

Site networking makes it possible to connect different IT or OT networks to form an entire network. This can be secured using various options. secunet offers secure encryption solutions for this at network level Layer 2 as well as at network level Layer 3. secunet edge also offers the option of connecting multiple locations via IPSec-based VPN implementations in the area of industrial plants or IOT systems.

Endpoint security

Modern IT workstations also need to be protected against cyber attacks, but also against unauthorized use. The SINA Workstation offers comprehensive security for these modern workstations. Whether securing the home office, processing sensitive data, securing privileged access (e.g. control center employees, IT administrators), SINA Workstation offers high-level security that begins with the secure boot process.

Attack detection

Ideally, own systems and the network topology should be known. However, real transparency only comes about through ongoing detection and recording of the actual conditions. By observing network traffic in combination with machine learning, the usual processes within networks are determined. Deviations from the learned normal state (including faults and attacks) are thus directly noticed as anomalies.

The completely passive sensor technology can be quickly integrated into the existing structure, does not influence operation and cannot
cannot cause any disturbances themselves.

Signature-based attack detection

Signature-based attack detection according to IT Security Act 2.0

The IT Security Act 2.0 obliges KRITIS operators to use attack detection systems from 01 May 2023. secunet monitor KRITIS is a network monitoring system based on signature-based attack detection that is specially tailored to the requirements of operators of critical services and companies in the special public interest. The solution follows a concept directly aimed at legal regulation and, in addition to signature-based attack detection, also enables supported processes for reporting security incidents to the BSI. In addition, secunet monitor KRITIS offers the collection and evaluation of log data.

Safety zones

Different areas of the enterprise network require different levels of security or policies. Whether office networks, DMZ, supply or production networks - all these networks have different risk and security levels. Thus, different security zones exist in a network, which, among other things, must be protected from each other. secunet offers components to technically establish these different security zones.

  • SINA
  • secunet secuwall
  • secunet edge
  • VOIP gateway SBC

In addition, systems for attack detection can be established in the security zones in order to detect anomalies in the network and to be able to recognize cyber attacks at the interfaces of the security zones as well as in the network of a security zone.

Remote Access & Maintenance

Remote Access & Maintenance

For the maintenance and configuration of machines as well as control or automation technology, technicians often still have to be on site. Particularly in the case of external service providers and geographically distributed plants, this is associated with high travel costs and longer response times.

The advantage quickly becomes apparent in the form of a faster ROI, lower TCO, higher efficiency of the machines and systems, and a reduction in the service and maintenance effort.


PKI in Critical Infrastructures
Full control over all process-relevant identities and data flows

IT-supported business processes are the backbone of industry and business today. The steadily increasing networking and thus the complete digitization of value chains in companies, complete industries as well as between different industries, require corresponding trust anchors. Cryptographic processes and the use of certificates and signatures ensure trust in actors and control over digital infrastructures.

Use cases
Energy supply

Secure remote access and proactive monitoring in distributed power supply.

secunet edge enables secure remote access and protected remote administration in distributed and networked power generation plants, substations or other plants "in the field". With the same infrastructure, safety states and quality aspects can also be monitored proactively.

Water supply

Shielding systems in water supply & wastewater treatment and using modern applications.

secunet edge secures systems in critical infrastructures such as fresh water supply or in wastewater treatment plants, even retroactively (retrofit). In addition to a protective shield and stealth for risky systems, the platform can also be used for modern applications - e.g. to increase energy efficiency.

The IT Security Act 2.0

Our collection of topics and information on the topic of the IT Security Act 2.0
To the topic page
secunet edge - The comprehensive solution for edge computing for critical infrastructures
Contact request
Do you have more questions regarding CRITIS?
Do you have more questions regarding CRITIS?

Simply send us an inquiry via the contact form. We will be happy to help you.

Site 1