Energy & Critical Infrastructure – IT Security for Suppliers and Network Operators
Excerpt of services
Power outages, data leaks, attacks on control systems – for operators of critical infrastructure in the energy sector, these are not theoretical scenarios. We support municipal utilities and grid operators in systematically securing their IT – in compliance with regulations and operationally feasible.
ISMS für KRITIS-Betreiber
Design and operation according to BSI IT baseline protection and ISO 27001 – with a focus on IT/OT interfaces and sector-specific critical infrastructure requirements.
IT strategy for energy suppliers
Target vision, roadmap and governance framework – tailored to the dual role as a supplier and regulated operator of critical infrastructure.
NIS-2 & KRITIS-VO-Umsetzung
Gap analysis, action plan and verifiable compliance for operators in the energy sector
Smart Metering & Digitalization
Consulting on iMSys, SMGWA administration and security requirements according to BSI TR-03109.
IT/OT security
Segmentation concepts, risk analysis and security architecture at the boundary between office IT and industrial control technology.
Interim CISO & Project Management
Übernahme von Sicherheitsverantwortung auf Zeit – mit direkter KRITIS-Erfahrung im Energiesektor.
Reference excerpt
Operators of critical infrastructure (KRITIS) are legally and strategically obligated not to disclose information about their security architecture. A named reference would directly contradict what we have jointly established: sustainable security through discretion. All subsequent project summaries are anonymized. Complete reference documentation – including contact persons – is provided confidentially during tendering processes.
National supplier
Supra-regional network operator · Critical infrastructure energy · NDA
ISMS-Aufbau & NIS-2-Readiness über 24 Monate Vollständiger Aufbau eines ISMS nach BSI IT-Grundschutz für einen Netzbetreiber mit mehreren tausend Endpunkten und ausgedehnter OT-Infrastruktur. Schutzbedarfsfeststellung, Risikoanalyse, Richtlinienframework und Maßnahmenplan. Abschluss mit positivem BSI-Auditbericht.
municipal utility
Municipal utility network · 3 municipal utilities · NDA
IT Strategy & Digitalization Roadmap: Development of a 5-year IT strategy for a municipal utility providing electricity, gas, water, and heat. This includes a current state analysis, a target vision, a prioritized roadmap, and a governance model. Consulting at the management level and coordination with the municipal shareholder are also provided. Implementation support is offered for 18 months.
Regionaler Verteilnetzbetreiber
Regional distribution network operator · Critical infrastructure · NDA
IT/OT-Sicherheitskonzept & Segmentierung Analyse der IT/OT-Grenzbereiche und Erstellung eines belastbaren Segmentierungskonzepts nach IEC 62443 und BSI-Empfehlungen. Identifikation kritischer Angriffsvektoren auf Leittechniksysteme, Maßnahmenpriorisierung nach Risiko. Direkter Bericht an CISO und technische Geschäftsleitung.
Critical infrastructure operators don't like to talk about security publicly – neither do we.
Contact us directly for a confidential initial consultation.