This blog is addressing the Industry 4.0 and includes news and information aroud topics as smart manufacturing, artificial intelligence and Industrial Internet of Things (IIoT).
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Show only
|
Search instead for
Did you mean:
Invite a Co-worker
Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.
You have entered an invalid email address. Please re-enter the email address.
This co-worker has already been invited to the Exchange portal. Please invite another co-worker.
Please enter email address
Send InviteCancel
Invitation Sent
Your invitation was sent.Thanks for sharing Exchange with your co-worker.
Link copied. Please paste this link to share this article on your social media post.
2020-10-0703:32 AM
Protecting Critical Infrastructure
Originally published on Industry 4.0 Blog by Anonymous user | October 07, 2020 12:32 PM
In addition to personnel bottlenecks and infection control, the rising level of cybercrime is a concern that more and more companies have been confronted with since the beginning of the corona pandemic. In some cases, such an attack is not only a threat to the existence of the respective company, but also to public safety, for example at energy suppliers, waterworks or hospitals. The current situation underlines why such operators of critical infrastructures (KRITIS) are legally obliged to provide basic IT protection. What can operators do to meet the minimum requirements of cyber security? The German Federal Office for Information Security provides a methodological approach for implementing IT baseline protection.
The Operational Technology (OT) and Information Technology security of the industrial facilities of companies, organizations, or institutions, that are of major importance to the state, are of particularly high importance to state security. Standards for systematic security measures in German companies are set out by the German Federal Office for Information Security (BSI). The minimum requirements for operators of critical infrastructure facilities (KRITIS) are regulated by the BSI annually using the IT baseline protection compendium.
Although the measures outlined in the IT baseline protection are only legally binding for KRITIS operators (regulated by the IT Security Act), the minimum requirements are recommended to all companies to secure their own data. The security recommendations issued by the BSI are an aid whereof production plants inside and outside Germany could benefit that are not officially classified as critical infrastructures.
Institutions, that are compliant to the criteria set out by the German Federal Office for Information Security must be able to:
1. Recognize a hazardous IT/OT security situation.
2. Identify suitable IT/OT security practices.
3. Adhere to those practices in their environments.
To ensure standardization across an organization or company, it is recommended that critical infrastructure operators adhere to a methodical sequence of steps:
1. create a defined framework and strategy for IT/OT security
2. define the target processes, technologies, and applications included in the framework
3. outline the requirements to fulfill in order to protect each of the targeted identified in the previous step
4. implement practices to fulfill the requirements outlined in the previous step
5. establish a strategy to check the implemented security measures, detect security incidents, and ensure a timely and appropriate response.
The data management solution versiondog supports with its basic functionality essential requirements for automation components, which can also be found in the IT baseline protection compendium. The set of rules and regulations demands this functionality as a recommended – as well as a mandatory-requirement.
Versioning
Backup
Comparison
Disaster Recovery
E-Mail notification
Documentation
Are you interested in further information?
AUVESY provides a free guide in which you will find answers to the following questions:
- What are the basic and standard requirements regarding IT security for automation components such as controllers, process control systems, HMIs etc.?
- Which functionality is provided by the software versiondog for the implementation of the requirements from the IT baseline protection?
- Which security requirements can be realized with versiondog?
- How do I use versiondog preventively to avoid data loss and machine downtimes?
- Which possibilities for detection and reaction are provided by versiondog?
Test versiondog
Find out how you can use versiondog to take preventative maintenance to the next level, and to reduce both planned and unplanned downtime. Use our demo version to learn how the versiondog software could work for you.