- New BSI orientation guide defines the requirements for the "Operation of Intrusion Detection Systems"
- Critical infrastructure operators are in a race against time to implement such systems especially in operational technology networks
- Rhebo helps companies quickly achieve maturity level 3 and beyond through targeted measures
Leipzig / Germany, 20 September 2022 – Rhebo provides dedicated OT monitoring with anomaly detection and comprehensive security services to support critical infrastructures with the efficient implementation of the requirements for the "Operation of Intrusion Detection Systems" published by the German Federal Office for Information Security (BSI).
German critical infrastructure companies must deploy a threat and intrusion detection system by 1 May 2023, in accordance with the BSIG (Federal Office for Information Security Act) and EnWG (Energy Industry Act), to protect their information systems in both IT and OT (operational technology and industrial control systems). This will enable critical infrastructures to detect new and previously unknown cyber attacks early on, and as a result prevent – or at least minimize – damage.
Companies remain uncertain about the right intrusion detection system
This requirement is placing operators under pressure, particularly those in the basic supply sectors (electricity, gas and water). Their critical services are primarily controlled via OT networks which – in stark contrast to the IT – generally have no or very few options for protecting communications and processes at system and device level against cyber-attacks.
"There is strong uncertainty in the critical infrastructure sector with regard to the implementation of this legal requirement in industrial, automated networks," explains Rhebo CEO Klaus Mochalski. "It is often incorrectly assumed that a security information and event management System (SIEM) meets this requirement. However, an SIEM usually only applies to IT and not to OT."
For this reason, in June 2022 the BSI published an orientation guide on the “Operation of Intrusion Detection Systems“ that defines mandatory and optional requirements. The document lists a total of more than 60 specific requirements that operators of critical infrastructure are expected to meet. To give companies a quick overview of all the requirements, Rhebo has structured this information in a matrix (download here).
Focus lies on mandatory requirements
The BSI's orientation guide "Operation of Intrusion Detection Systems" is essentially in line with the recommendations of Rhebo as well as the functionality of OT monitoring with anomaly detection for OT networks, available from Rhebo since 2016. With the dedicated solutions for OT security, IIoT security and AMI security (advanced metering infrastructure), Rhebo offers simple, focused and quick-to-integrate tools for meeting the requirements for the continuous logging of network communications and the detection of security-related incidents in OT, as well as ensuring a rapid response to incidents.
"We recommend that critical infrastructure operators focus on meeting the mandatory criteria before the deadline in May 2023," says Klaus Mochalski. "This will enable companies to reach maturity level 3 for their cybersecurity system and have in place a solid foundation for the continual improvement of cyber resilience processes. In accordance with international security standard ISO 27001, a cybersecurity system reaches maturity level 3 when "the process [...] is fully implemented and documented".
Rhebo and its network of technology and consulting partners are helping companies achieve this maturity level in just a few months – and in time for the deadline on 1 May 2023. The overview matrix of all requirements and fulfilment levels in OT, created by Rhebo, can be downloaded here.
Klaus Mochalski will speak on 29 September 2022 at the 32nd BSI Cybersecurity Day in Dresden and answer questions as part of the panel discussion "KRITIS and NIS RL: What does the adapted legal framework mean for my company?"
Rhebo provides simple and effective cybersecurity solutions for Operational Technology and distributed industrial assets for the energy sector, critical infrastructure and manufacturing. The company supports customers with OT security from the initial risk analysis to managed OT monitoring with intrusion & anomaly detection. Since 2021, Rhebo is part of the Landis+Gyr AG, a leading global provider of integrated energy management solutions for the energy industry with around 5,000 employees in over 30 countries worldwide.
Rhebo is a partner of the Alliance for Cyber Security of the Federal Office for Information Security (BSI) as well as the Teletrust - IT Security Association Germany. The company was awarded the »IT Security Made in Germany« and »Cybersecurity Made In Europe« labels for its strict data protection and data security policies. https://rhebo.com/
Kristin Preßler, Managing Director | Head of Marketing