CRITICAL INFRASTRUCTURE (KRITIS)
How secure is your company?
The new KRITIS Umbrella Act aims to improve the physical security and resilience of critical infrastructure and facilities. To achieve this, it combines cybersecurity requirements – such as the Network and Information Security regulations (NIS 2) – with those for physical safety. The act poses major challenges for organizations and institutions in the following sectors: energy, transport and transport, water, finance and insurance, food, media and culture, government and administration, health, information technology and telecommunications.
In view of these changes, stakeholders in the above industries and sectors must react quickly and decisively with regard to innovation in safety, security and risk management. The act obligates operators of critical infrastructure and facilities to implement comprehensive security measures and to monitor them continuously.
What is critical infrastructure (KRITIS)?
“Critical infrastructure (KRITIS) comprises organizations and facilities of great national importance, the failure or impairment of which would result in long-term supply bottlenecks, significant disruption to public safety, or other dramatic consequences.”
Source: BSI - General information on KRITIS (bund.de)
Are you prepared?
KRITIS Umbrella Act: The bill is expected to be passed in October 2024. It obligates operators of critical infrastructure and facilities to create and implement plans and measures to increase physical security as part of an overall operational resilience strategy.
Network and Information Security (NIS 2): The NIS 2 Directive formulates the framework conditions for the protection of IT security with regard to ‘important’ and ‘particularly important’ facilities as defined by the NIS 2 Directive that have more than 50 employees or more than €10 million turnover. The Directive must be implemented by all those affected from October 2024.
Our solution: We address your challenges
Our experts personally take on your challenges and work through them with you in a structured way – looking in turn at organization, technology and structures. They adopt a preventive approach by finding solutions that prevent danger. But risk cannot be reduced to zero. Rather, it is a matter of taking measures that reduce the probability of occurrence and minimize impacts to the greatest possible extent.
As consultants, we can support you throughout the process – from analysis and requirements planning through to realization and operation.
The added value for you
Early, preventive protection against digital and physical risks
Industry-specific strategies and concepts developed by recognized critical infrastructure experts
Holistic solutions that cover technical, structural and organizational aspects of your risks
Resilience strategies tailored to your particular risk profile
Innovative security measures based on digital, AI-assisted technologies
All security consulting services under one roof with in-depth professional and technical expertise