Information and communications technology (ICT) is already an integral part of nearly all business processes of an energy supply company. While this has many advantages, the growing dependence on ICT systems also entails a higher security risk for companies. ICT systems of energy suppliers are increasingly becoming the targets of cyber attacks.
Our certified IT security experts will be pleased to assist you in all matters of information and IT security to help you increase this security within your company. Our services related to information and IT security include:
- Raising awareness amongst your employees in regard to information security
One of the core objectives of a functioning information security system is to ensure a high level of cyber security awareness among your employees, as they can be a critical weak link for malware to enter a corporate network. Together with our clients, we therefore develop customised training concepts to account for their special security requirements.
- Network security assessment for automation and network control technology
For a period of 14 days, our technical security assessment for automation and network control technology surveys the communication patterns in your process network. Our network experts analyse all available devices in the process (or office) network in terms of security gaps and misconfigurations. Our experts also identify technical errors through an industrial anomaly detection performing a deep packet inspection. Our assessment is rounded off by a workshop in which we jointly evaluate the results on the basis of our final report and show you specific options for action.
- ISMS readiness assessment
The IT security assessment provides you with a first overview of the IT security level within your company. We evaluate and assess your ICT systems, processes and the existing documentation. The results enable a company to realistically assess the effort and resources necessary to implement an ISMS and show efficient ways to increase information security through fairly simple measures.
- Implementation of information security systems pursuant to ISO/IEC 27001/27019 and the IT security catalogue (IT-Sicherheitskatalog) of the Federal Office for Information Security (BSI)
The implementation of an ISMS not only concerns the information technology of a company but also requires the involvement of different departments of a company. Based on our many years of experience in the energy sector and industry, we are able to support you throughout the ISMS implementation process, from the design phase to the certification of your ISMS.
- Integration and harmonisation of an ISMS with existing management systems
Together with our lawyers and public auditors, we seamlessly integrate the ISMS into your existing risk and compliance management systems. This way, you can avoid additional costs and effort and ensure efficient management processes.