Keywords
OT security, sector SOC, water sector, NIS2, attack vectors, best practices
Summary
Ronald Derler, Managing Director of the Competence Center for Digital Water Management (KdW), outlines the specific challenges of OT cybersecurity in water utilities. As Director of the Cybersec@Wasser situation center, he talks about the institution's origins and approach, best practices for the industry, and the importance of CRA and NIS2.
Takeaways
Water management is not about real-time processes, but about protecting life and the environment.
There is a shortage of security experts in water utilities.
The BSI's guidance on the “use of intrusion detection systems” provides best practices.
The most common attack vectors are service providers, remote access, and social engineering.
Only a fraction of water management companies are regulated in terms of cybersecurity.
The significantly lower thresholds of NIS2 mean that many companies that were previously able to ignore cybersecurity now face new responsibilities and obligations.
The KdW functions as a sector SOC that provides cybersecurity for water management companies. The KdW analyzes incident data from various water companies.
The KdW was created by the North Rhine-Westphalia Ministry of the Environment and was set up within six months.
The KdW is technology-agnostic and leaves the selection and placement of sensors and data collectors in the hands of the companies.
Sound Bites
The fact is that security experts are not exactly growing on trees in the water industry.
It was important to the ministry that we were there above all for the small and smallest utilities, who would otherwise be left out by private-sector players.
The attack attempts are getting better and a little more frequent; there are different waves. The situation is currently quite good. But we mustn't assume that nothing else can happen.
In our view, the main gateway is still the service provider and remote access.
You need sensible systems that monitor your own operations, detect incidents quickly, and then enable a rapid response.
Chapters
00:00 Introduction
01:32 Special characteristics of water utilities
03:47 Sector-specific SOC
05:26 Creation of the KdW and Cybersec@Wasser situation center
08:23 Challenges in convincing water utilities
09:32 How the KdW works
10:43 Best practices in water management
12:05 Communication in the event of incidents
13:38 Incident response
14:53 Sector CSIRTs in other federal states
16:06 Security incidents in the German water sector
17:35 Attack vectors in the water sector
19:23 Cyber Resilience Act and NIS2
21:02 Closing remarks and farewell