Select Language

close

Critical Infrastructure Protection

About Critical Infrastructure Protection

Critical infrastructure is one of the most sensitive areas in security since the consequences of malicious attacks on it could be devastating. To help organisations come to that situation Cognosec employs all its expertise and knowledge to identify the vulnerabilities and threats to the critical infrastructure so it could be mitigated before the problems occur.

NIS Directive

The following objectives need to be met to comply with the NIS directive

1) Appropriate organisational structures, policies, and processes in place to understand, assess and systematically manage security risks to the network and information systems supporting essential services

1 Governance
2 Risk management
3 Asset management
4 Supply chain

2) Proportionate security measures in place to protect essential services and systems from cyber attack

1 Service protection policies and processes
2 Identity and access control
3 Data security
4 System security
5 Resilient networks and systems
6 Staff awareness and training

3) Capabilities to ensure security defences remain effective and to detect cyber security events affecting, or with the potential to affect, essential services

1 Security monitoring
2 Anomaly detection

4) Capabilities to minimise the impacts of a cyber security incident on the delivery of essential services including the restoration of those services where necessary

1 Response and recovery planning
2 Improvements