Building up a security operation centre
6. October 2017
As the data security regulations were revised in July 2015, the managers of so-called “critical infrastructures (CRITIS)” are bound by law to secure their IT systems according to particularly stringent guidelines. As with our client, this covers physical IT security as well: from the proper equipment of buildings and entrance barriers over trained security personnel to reliable IT security solutions.
In order to fulfill the legal requirements and to guarantee overall security, our client ordered us to build up a security operations centre.
Being project manager, we were completely responsible, even for things that do not concern pure IT. Starting with accompanying the tender phase to recommending and choosing equipment: from bullet proof windows to access controls and separation locks to designing the guard rooms for the shift duty.
In addition to the general conditions mentioned, the project covers, of course, the actual IT measures as well as restructuring the databases and setting up of practically self-learning web-crawlers. They search the client’s network around the clock for threats to report possible attacks, and take counter-measures before an attempted attack leads to a threat.
Our client is bound, being a CRITIS manager, to adhere to the legal regulations. As such, the audit-secure application of the project was crucial for his business. Through our commitment the IT system’s security is guaranteed for the client –-physically as well as digitally.