HackmoD Cyber Security Consulting
The increasing threat to critical infrastructures from cyber attacks must be regularly checked by operators for resilience using defined cyber security guidelines.
The operation of a company's IT security in accordance with the BSI-Kritis requirements includes compliance with a number of guidelines and best practices for securing critical infrastructures in Germany. BSI Kritis (Kritis stands for "Critical Infrastructure") is the guideline of the Federal Office for Information Security (BSI) for securing critical infrastructures in Germany. There are recommendations to protect against cyber attacks and to ensure the availability, integrity and confidentiality of critical infrastructure.
BSI modules and KRITIS list:
- state and administration
- Energy (utilities, refineries...)
- Health
- IT and TC
- Transport and traffic
- water supply
- finance and insurance
- media and culture
The following steps can be taken to operate a company's IT security in accordance with BSI-Kritis requirements:
Identify critical infrastructure: The first step is to identify which systems and assets are considered critical infrastructure and need to be protected. This can include systems that support basic services such as electricity, water and health care.
Assess vulnerabilities: Once the critical infrastructure has been identified, it is important to assess the vulnerabilities of these systems. This may include conducting a risk assessment or penetration test to identify potential vulnerabilities.
Implement security measures: Based on the results of the vulnerability analysis, security measures to protect against cyber attacks should be implemented. This may include installing firewalls, implementing access controls, and regularly updating hardware, software, and security protocols.
Develop an Incident Response Plan: It is important to have a plan for responding to a cyber attack or other security incident. This may include identifying key personnel, creating logs of communications and describing the steps to be taken in the event of an incident.
Regularly review and update security measures: It is important to regularly review and update security measures to ensure they are still effective. This may include conducting regular risk assessments, training employees on security protocols, and updating the latest cybersecurity threats and best practices.
With these steps, a company can operate its IT security in accordance with the BSI Kritis requirements and protect critical infrastructures from cyber attacks. Use HackmoD Cyber Security Consulting or HackmoD Cyber Security products. The global network of HackmoD GmbH from Berlin offers professional and optimized products for cyber security in IT, TC, industry and IoT. Complete field kits are now also available in the area of physical penetration tests such as lock picking, perimeter protection or electronic (RF attack) RFID access control systems.
HackmoD offers comprehensive advice on all areas of IT security
- Intrusion Detection System - IDS Intrusion Detection System
- Concept, audit, pen test
- Management, Policy and Auditing / Reporting
- IRT Incident Response Team
- Risk management/prioritization...
- Special solutions for industrial plants, enterprise cyber security
- Training courses and field kits for federal authorities, KRITIS and the military