Public utilities or energy suppliers are considered “critical infrastructures” once they supply a certain number of households. They are a special focus of potential cyberattacks. The IT security act of Federal Office for Information Security (BSI) therefore requires the IT systems employed to be especially secured and that attacks must be reported.
ausecus is a consulting company for IT security, penetration testing, consulting and services for the ISMS introduction of ISO 27001 in critical infrastructures.
In 2019, XITASO developed a user interface for end users which allowed an Intrusion Detection System (IDS) to be configured precisely and meant notifications could be swiftly processed. The system can be used to identify suspicious operations at an early stage, which will then be repelled and archived for audits. Particular emphasis was placed on high levels of clarity and intuitive operation from the user’s side.
The dashboard shows an overview of events per event level (alarms, critical alerts, info). Diagrams also visualize the top five hosts and the load of the process networks.
The receipt notes are stored audit-secure for later traceability. In a separate UI, complex rule sets can be generated and then uploaded to the KRITIS Defender.
In the reduced view only the system status (red, yellow, green) is displayed. An animation underlines the urgency.
Dr. Michael Schackert
Phone +49 821 885882-36
michael.schackert@xitaso.com