Data and Communications Security for the Energy Sector – Process Audit and Certification according to IEC 62351
According to the IT Security Act intended ‘to increase the security of information technology systems’ passed by the German Federal Parliament companies which are part of the critical infrastructure have to meet minimum requirements for IT security.
Critical infrastructure – KRITIS – includes companies in the fields of energy supply, transport and traffic, information technology and telecommunication, the financial and insurance sector as well as healthcare and food.
Services for operators
Do you know if the IT Security Act (ITSiG) is relevant to you as an operator? We will assist you in answering this question. For instance, the IT Security Catalogue of the Federal Network Agency, according to section 11, paragraph 1a of the German Energy Act, stipulates that energy grid operators have to implement an Information Security Management System (ISMS). But what does this requirement specifically entail?
In addition to our training programs we offer you solutions relating to these topics in individual workshops. This is where company-specific questions can be clarified and solutions for practical application be found. We will help you to make effective use of the implementation period (by 2018).
For smaller-scale operators we will find feasible solutions to meet state-of-the-art demands.
Services for manufacturers and operators
Electric mobility, small thermal power stations, etc. increasingly lead to the emergence of new data transmission and communications scenarios. Your SCADA and CMS systems can benefit from our long-standing experience with networked systems. We will help you to find solutions for these growing demands.
Protect your investments by an analysis of the threat posed by security risks. Secure a competitive advantage by protecting your customers against cyberattacks.
The data and communications protocols used in the power industry differ from those in conventional IT security. That is why a special series of standards, IEC 62351, exists in this field. Join us in discussing the differences between them and conventional IT security (ISO/IEC 27001).
We will assist you with document templates for a company-specific Information Security Management System (ISMS) according to IEC 62351.
In our Security Management Audits / Assessments we test whether or not your processes / products meet the requirements of IEC 62351. We will confirm conformity in a Technical Report and Certificate. That way your customers will receive an independent confirmation of the quality of the IT security measures applied to your processes / products.
We will be pleased to personally assist you in case of further questions.