Incident Reporting strengthens Security and Supply

Foundational concept in standards and legislation

With the growing complexity of professional and state-sponsored cyberattacks, the knowledge transfer between information protection officers in critical infrastructure companies has become paramount for supply security.

Several countries worldwide have developed legislation and standards to implement incident reporting to:

  • identify and analyze supply security threats at an early stage,
  • communicate threats to all vulnerable infrastructures and
  • develop immediate countermeasures.

Few operators are currently in a position to so. Their security systems provide neither full network operation transparency nor the detailed documentation of detected incidents.

Identify, Assess, Report

Challenges in Incident Reporting

A sound strategy to protect security of supply must take changed risk mechanisms into account. This results in new challenges for information security officers that go beyond classic security concepts:

  • Recognize near-incidents: Incidents that could potentially lead to an impact (e.g. in multi-stage attack scenarios)
  • Detect incidents not related to security: Disruptions can also occur independently of security incidents.
  • Assess significance: Near-incidents sometimes only need to be reported, if there it would have resulted in a significant hazard. The responsibility for sound assessment generally lies with the operator.
  • Report detailed information: Many legislations require details on the mechanism and (possible) effects of any incident.

Report any incidents with an industrial anomaly detection

  • DETECT NEAR-INCIDENTS AND TECHNICAL ERROR STATES

    Rhebo Industrial Protector reports all atypical - and thus potentially impairing - processes in the control system as an anomaly.

  • ASSESS THE SIGNIFICANCE OF INCIDENTS

    Rhebo Industrial Protector risk scores each anomaly and provides all necessary information for assessment.

  • ANALYZE IMPACT AND FUNCTIONALITY

    Rhebo Industrial Protector stores all data of an anomaly for fast and detailed forensic analysis.

Rhebo Industrial Protector in Critical Infrastructures