Secure critical infrastructures competently – with DARZ!
The German IT Security Act (ITSG) came into effect on July 2015. It contributes to making Germany’s IT systems and digital infrastructures some of the most secure in the world. Critical infrastructures (KRITIS) – such as the electricity and the water supply, healthcare, finances and telecommunications – have become more vulnerable as a result of the increasing digital networking. Thus, a failure or impairment of the provision of services would have dramatic consequences for the economy, the state and German society. IT security and the regulations for improving the availability of IT systems are therefore an important part of the law.
The IT Security Act makes certification necessary
Increasing IT penetration and networking in many areas of life opens up economic as well as social potentials, which are essential for a highly developed and industrialized country like Germany. The Data Centric Services that DARZ offers are also based on this view and development. Digitization, however, means that new and ever increasing risks arise in the area of data security, which require quick and consistent reactions. The special challenge posed by targeted cyber-attacks on the IT infrastructure affects government agencies as well as critical infrastructures and other companies that all deal with particularly valuable information nowadays.
The IT Security Act requires higher security and quality
Operators of critical infrastructures are obligated by the IT Security Act to adequately secure the IT needed to provide their important services based on state of the art technology and to have this security checked at least every two years. According to the law, they can design the securing measures for their IT infrastructure themselves as long as the measures are state of the art. This also applies to the conceptualization and implementation of security standards at the current technical level.
The following sectors are currently affected:
- Information technology and telecommunications
- The water supply
- Transportation and traffic
- Finances and the insurance business
- State and administration
- Media and culture
The IT Security Act affects more organizations than one might think
For many companies, it is currently still difficult to completely rule out falling under the IT Security Act. According to a PwC survey, 18 percent of companies are unsure as to whether they fall under the law. If we look at the ongoing discussion of the topic of critical infrastructures, the number of companies that are uncertain is likely to be significantly higher.
Rely now on certified IT partners
The organizations that are clearly subject to the IT Security Act, as well as those that deal with critical networking scenarios, are now called upon to act. In concrete terms, this means they must align their IT infrastructure and IT security infrastructure to meet the legal requirements. This, in turn, means they should rely on partners for IT that offer certified services that are 100% compliant.