Digitalisation is bringing change, including the operation of supply networks that form part of the critical infrastructure. Current vulnerabilities demonstrate how important it is for this to be in compliance with the IT security catalogue in accordance with the German Energy Industry Act. TÜV SÜD is supporting the transmission system operator (TSO) ONTRAS by providing a new risk assessment concept that considers both safety and IT and OT security, as well as possible interactions.
Recently, the ‘Log4Shell’ vulnerability threatened data centers, company servers, and connected systems among others. Experts assessed its risk level at the highest possible severity. The vulnerability also affected operators of energy supply networks and other critical infrastructures (KRITIS).