Auditing of Attack Detection Systems and Additional Testing Procedure Expertise for § 8a

New additional testing requirements according to the IT Security Act 2.0 for all operators of energy supply networks and energy plants - without consideration of threshold values.

Operators of Critical Infrastructures are obligated to implement appropriate organizational and technical measures to prevent disruptions to the availability, integrity, authenticity, and confidentiality of their information technology systems, components, or processes. Following the implementation of the 2nd IT Security Act, the BSIG (Federal Office for Information Security Act) in the new § 8a paragraph 1a explicitly refers to the use of Attack Detection Systems.

Such systems provide an effective method for (early) detection of cyber-attacks and are particularly helpful in reducing and preventing damage.

Operators of energy supply networks and energy facilities are already required to implement an IT security catalog published by the Federal Network Agency. With an amendment in the Energy Industry Act (EnWG), they are now additionally obliged to use attack detection systems and to provide corresponding proof to the Federal Office for Information Security (BSI). According to § 11 paragraph 1f of the EnWG, they must demonstrate compliance with the requirements of § 11 paragraph 1e EnWG to the BSI for the first time on May 1, 2023, and then every two years thereafter.

We are your competent partner for the auditing of attack detection systems and have additional expertise in testing procedures for § 8a. We assist you in meeting the legal requirements.

Auditing of Attack Detection Systems

The security of your IT infrastructure is crucial for the protection of your data and the smooth operation of your business. To assist you in early identification of potential vulnerabilities and risks, we offer comprehensive audits of your attack detection systems. Our experts evaluate the effectiveness of your existing security measures and identify areas for improvement. In doing so, we consider the latest threat landscapes and technologies to provide you with a comprehensive overview of your IT security.

Additional Testing Procedure Expertise for § 8a

As an operator of critical infrastructures (KRITIS), you are obliged under § 8a of the BSI Act to implement appropriate security measures to ensure the availability, integrity, and confidentiality of your IT systems. Our additional testing procedure expertise for § 8a enables us to provide comprehensive support in meeting these legal requirements.

Contact Us

We stand by you as a reliable partner and assist you in meeting the requirements of attack detection systems and § 8a. Contact us today to learn more about our tailor-made solutions for your business.