A reliable energy supply consists not only of the energy itself, but also of information – from grid management to metering, from charging stations to substations. It is simply not possible to supply energy without information. With this in mind, we continuously monitor cyberthreats so that we are prepared for any threats to which our networks and information are exposed.
The legal and organizational foundations of cybersecurity
- ISO 27001 certification for critical areas
To implement our cybersecurity strategy, we operate an information security management system based on international norms and standards, including:
- ISO 27000 series of standards
- NIST Cybersecurity Framework
- Certain aspects of BSI basic protection methodology
- Relevant critical infrastructure (KRITIS) frameworks and security catalogs (SiKat)
- Requirements covering technical and organizational measures derived from the GDPR
- Business continuity management (BCM) standards
- The CISO (Chief Information Security Officer) is responsible for organizing and managing the security strategy and has their own reporting channel to the Board of Management.
- Information security requirements are implemented in a decentralized manner in the respective companies.
- We have issued information security guidelines to ensure effective governance. These rules and standards set out requirements for processes and should be followed when implementing measures that serve to maintain information security.
- In decentralized units, these can be supplemented by department-specific requirements.
- Regular reports on the implementation status to the responsible management team.
Continuous monitoring of cyberthreats
We constantly analyze the threat situation and the resulting dangers to EnBW’s IT systems, networks and information. We understand the need to protect our systems and applications, along with the impact that an outage or loss of information has.
- Asset inventory management
- Assessments determining the level of required protection
- Threat analyses
- Risk assessments accompanied by a comprehensive “cyberthreat risk analysis”
Processes and systems feature the latest security mechanisms
Even if attackers were to overcome a single barrier, further firewalls await them. The chances of advancing to the innermost core of EnBW’s information are therefore very low. Furthermore, each protective layer has alarm systems that help us to detect and halt activities at an early stage.
- Role-related security training for employees
- Reporting of security incidents
- Vulnerability management
- Physical security measures
- Encryption
- Secure identities
- Virus and malware protection
- Network security
- Patch management
- Log data acquisition
Intrusion detection
The systems that protect us also need our full attention – at all times, always under the vigilant eye of our experts. We have specialists who can detect, track and isolate an attacker in our system logs.
- Regular emergency and crisis exercises
- Cyber Emergency Response Team – EnBW CERT
- Continuous (central) monitoring of cyberthreats (in the Security Operations Center or SOC) by collecting and analyzing actionable threat information via threat intelligence and centralizing security data using security information and event management (SIEM) solutions
- Network monitoring
A commitment to maximum transparency
We endeavor to achieve a high level of business resilience so that we are prepared for the constant and changing threats. No one can guarantee one hundred percent security. That is why comprehensive preparation is essential. Our measures and exercises help us to minimize any damage in an emergency situation, contain the spread and react quickly. As an energy supplier, we are required – more than many others – to be transparent and report these incidents to the responsible public authorities in line with statutory regulations.
- Reporting bodies for observations, cyberattacks and vulnerabilities
- Response and crisis plans
- Identification of critical business processes as part of business continuity management
We have achieved a high standard in information security, proven through objective and independent audits. We regularly review our strategic direction, continue to develop as a company and optimize our procedures and security processes. We demonstrate this with our ISO 27001 certification, among other things.
- A strong security culture
- A long-established information security management system
- A low number of security incidents
- Regular internal and external audits and technical checks
- A cybersecurity budget