Use Case

OT & IIoT Security Compliance

Implement standard and legal requirements for intrusion detection & defense-in-depth in OT networks

Industrial security laws and standards increase compliance pressure

Comply to legal and international standards requirements

For many corporations compliance with national security laws and international standards has become a driving factor for implementing and operating a threat and intrusion detection systems.With its hands-on solutions and focus on critical infrastructure, Rhebo has been helping companies comply with country- and industry-specific legislation, guidance and standards for many years – closing the gaps of a SIEM that focuses primarily on IT.

NIS2 requirements in the OT

Implementing intrusion detection and residual risk control in OT networks
Learn more

NIS 2 EBOOK

NIS2 primarily affects companies that were not previously subject to any national IT security legislation. Overall, the number of companies for which a solid cybersecurity strategy and implementation will become a legal obligation is increasing manifold. This eBook examines the impact of NIS2 on companies, places the directive within the wider framework, discusses the challenges and limitations for many affected companies and explains how these limitations can be overcome and the residual risk can be brought under control.

National OT & IIoT security compliance

Italian flag

Italy

Legislative decree 65/2018: implements the EU NIS Directive that requires countries to supervise its critical infrastructure and services.

NCSP (105/2019): imposes specific obligations on essential operators to secure networks, information systems and services pivotal to the life and function of the nation.

DPCM 81/2021: defines rules for reporting IT/OT security incidents, cybersecurity measures and obligation of evaluation of security measures after ICT assets changed.

Rhebo OT monitoring with anomaly detection forms the foundation for asset discovery, risk analysis, intrusion detection and incident reporting in operational technology networks.
Spanish flag

Spain

CIP law (law 8/2011): implementing measures for the protection of critical infrastructure.

RD 43/2021: requirements for best risk management for network and information systems in critical sectors

Ámbitos de la Seguridad Nacional: Protección de Infraestructuras Críticas: special security obligations of public administration as well as operators of critical infrastructure.

Rhebo OT monitoring with anomaly detection forms the foundation for asset discovery, risk analysis, intrusion detection and incident reporting in operational technology networks.
Swedish flag

Sweden

Lag om informationssäkerhet för samhällsviktiga och digitala tjänster: implements the EU NIS Directive in regards to information security for providers of critical infrastructure and digital services.

Säkerhetsskyddslag (SFS 2018:585): imposes specific obligations on security-sensitive entities and business to prevent information security incidents and damages.

Säkerhetsskyddsförordning (2021:955): defines specific security measures for critical infrastructures including risk analysis, incident reporting and threat detection.

Rhebo OT monitoring with anomaly detection forms the foundation for asset discovery, risk analysis, intrusion detection and incident reporting in operational technology networks.

Compliance with security standards

ISO/IEC 27000 ff.

The ISO/IEC 27000 family of standards is the basic international framework for an Information Security Management System (ISMS). It has become a cornerstone standard for corporations, companies and institutions worldwide, currently comprising 63 sub-standards under its umbrella.

Beside recommending management best practices, several standards within the family provide technical guidance on OT cybersecurity in the electrical sector (ISO 27019) as well as network security (ISO 27033) and application security (ISO 27034).

Rhebo OT monitoring with anomaly detection forms the foundation for end-to-end threat and anomaly detection in operational technology networks.

ISO Logo

IEC 62443

The international standard IEC 62443 "Industrial communication networks - Network and system security" is the most important and widely used standard for establishing a cybersecurity system in operational technology networks.

The cornerstone of the standard is the concept of Defense-in-Depth, which includes a threat and intrusion detection that is effective even when attackers have gained access to a network.

Rhebo OT monitoring with anomaly detection forms the foundation for Defense-in-Depth operation including risk analysis, continuous monitoring and threat detection in OT networks.

Get in touch with us

Write or call us to discuss your requirements for OT cybersecurity and intrusion detection.
Contact us

Schedule a online demo

Let us show you hands on how Rhebo advances your company’s OT cybersecurity posture.
Schedule an online demo
All rights reserved - Rhebo
Facebook Icon weissLikedIn Icon weissXing IconYoutube Icon