ARE YOU AN OWNER OR INTEGRATOR OF SYSTEMS FOR CRITICAL INFRASTRUCTURES?
Critical infrastructures (CRITIS) are organizations and facilities of major importance to the state community and security of supply, such as large hospitals, data centers, utilities and independent power producers.
According to the BSI (German federal office for information security), effective cyber security measures must be implemented and periodically verified not only for critical infrastructures, but also for facilities of public interest. Due to the rapidly increasing number of attacks even on companies and facilities, that do not directly belong to these categories, such as smaller hospitals, the self-interest of those companies and facilities in cyber security increased significantly.
NEED OF TECHNICAL & ORGANIZATIONAL MEASURES
Emergency power systems are an essential part of reliable power supply and exposed to an increased risk of cyber attacks through
- cyber attacks on control systems with remote access resp. remote monitoring
- malware infection caused by infected devices accessing the system locally or remotely
- faulty operation by unauthorized persons or persons with restricted authorization through local and remote access
- acts of sabotage
WE MAKE YOUR EMERGENCY POWER SYSTEM CYBER SECURE!
As a specialist for emergency power systems in critical infrastructures we offer you Cyber Security Kits for new systems as well as a Cyber Security Check for your existing emergency power systems.
We analyze weak points and determine optimization potential to protect your applications against cyber attacks and to ensure maximum availability.
We would be happy to support you in an advisory capacity with the certification of your organization and processes according to the guidelines of the Cyber Security Standard IEC 62443-2-4.
Our Cyber Security Kits for emergency power systems at a glance:
KUHSE CYBER SECURITY PREMIUM KIT
for Emergency Power Systems with extended cyber security requirements
Technical Measures
- Network architecture & enhanced network security by means of suitable network devices
- Cloud-based central management of user accounts, access and permissions
- User authentication via two-factor-authentication
- Minimizing the physical and logical accessibility and thus points for potential attacks
- Hardening and strengthening of the control system (hardware, software, services, cloud)
- Logging of logins, login attempts and respective violations
- Backup/restore and disaster recovery tools and procedures
Service Measures
- Process manual for operation, maintenance and dealing with cyber attacks
- Training of the owner‘s operators and service personnel
- Repeating tests for ensuring the effectiveness of technical measures and implemented procedures
- Updates for network and security devices, relevant control system components and implemented security tools (patching, anti-malware, application whitelisting, digital certificates)
Technical Measures
- Network architecture & basic network security by means of suitable network devices
- Cloud-based central management of user group accounts, accesses and permissions
- User authentication via two-factor-authentication
- Limitation of physical and logical accessibility and thus points of potential attacks
- Hardening of the Kuhse Gateway and the Cloud environment
- Logging of logins and login attempts
- System backup after delivery and commissioning
