- Rhebo releases technical guideline for »Handbook for basic operational technology security of energy suppliers« by the Association of Swiss Energy Companies (VSE)
- The guide explains implementation of the handbook’s 21 steps for secure OT networks with network monitoring and anomaly detection
- Recommendations address the concrete tasks of IT/OT security
Leipzig / Zurich, Germany, May 7, 2019 - The VSE »Handbook for basic operational technology security of energy suppliers« addresses those responsible for the security of process and industrial control systems (ICS) in power supply companies. The handbook describes and recommends actions that power supply companies can take to sustainably guarantee the security and stability of their ICS.
The core principle advocated by the VSE is the implementation of a Defense-in-Depth concept. On the one hand, this concept provides those responsible with a framework for continuously evaluating, assessing and improving the information security of their company. On the other hand, the concept offers a sound approach to the challenge of how critical infrastructures can be secured in a world in which 100% security is out of the question. As the handbook states: »Ultimately, a cyber attack cannot (always) be prevented – therefore the goal is the rapid identification, isolation, defense and decrease of consequences of an attack (resilience)«.
In 21 Steps to Defense-in-Depth
The guideline »VSE Handbook in Practice – The role of network monitoring with anomaly detection for the reliable operation of ICS« by Rhebo supports those responsible in critical infrastructures, particularly in implementing the »21 Steps to a Secure OT Network« defined in the VSE handbook. To address the everyday practice of IT/OT security in critical infrastructures, the 21 steps are viewed in the context of a continuous improvement process (plan, do, check, act), as recommended for the organization of an information security management system (ISMS) by ISO 27000. The focus of the guideline is the establishment of continuous network monitoring with industrial anomaly detection. This serves as a basis for risk analysis as well as for the identification, reporting, documentation and analysis of error states, manipulation, malware and vulnerabilities.
Christian Schöpf, Sales Director Rhebo for the Swiss and Austrian market, explains:
»Operators of critical infrastructures are faced with the challenge of translating the numerous recommendations from the VSE Handbook as well as the ICT Minimum Standard into a coherent concept for their own plants. With this guideline, we aim to support those responsible in clearly viewing the recommendations in the context of the Defense-in-Depth approach. We at Rhebo are convinced that with regard to the multi-layered threat vectors and availability aspects of increasingly complex networks, operators must focus on the inner workings of their ICS. And that means nothing less than establishing a system that analyzes all communication processes within the ICS, provides indications of hidden vulnerabilities and reports anomalies in real-time. Because Advanced Persistent Threats as well as technical error states are usually not detected at the network boundaries where the firewalls are located«.
The guideline »VSE Handbook in Practice – The role of network monitoring with anomaly detection for the reliable operation of ICS« is available in German at: https://rhebo.com/de/download/file/leitfaden-vse-handbuch-in-der-praxis/.
Rhebo is a German company that specializes in the reliability and resilience of industrial and critical infrastructure companies. With its solutions and services, Rhebo monitors all data communication within industrial control systems (ICS), and reliably reports attacks, vulnerabilities as well as technical error states. Rhebo thus helps ICS operators increase the cyber security, productivity and availability of their systems and plants, and safeguard the digital transformation of their processes.
In this role, the company is actively involved in the Alliance for Cyber Security of the Federal Office for Information Security (BSI), the Teletrust - Bundesverband IT-Sicherheit e.V. and the Bitkom Security Management Working Group to develop standards and technical guidance.