Critical infrastructures (KRITIS) ensure the supply of essential goods to the public and maintain the economic and social well-being of our society. KRITIS facilities thus represent an attractive target for politically motivated attackers, cyberterrorists or radical hacktivists.
Highly regulated and audited
The constant threat potential requires KRITIS to maintain the highest safety standards. The associated requirements for data protection and IT security are defined by the IT Security Act (IT-SiG) and the European General Data Protection Regulation (GDPR). KRITIS must also comply with Article 5 of the BSI Act/BSIG (Act to Strengthen the Security of Federal Information Technology) on cooperation with authorities and observe BSI basic protection.
Cybersecurity at the highest level
KRITIS companies must also regularly demonstrate that they use all available cybersecurity options to protect their systems. Procedures for risk management and continuous auditing are also prescribed. Industry-specific guidance for the implementation of these high requirements is provided by B3S (industry-specific security standards). They define recommended security standards and are ideally reviewed for suitability by the BSI.
Cybersicherheit auf höchstem Niveau
KRITIS-Unternehmen haben darüber hinaus regelmäßig nachzuweisen, alle verfügbaren Optionen der Cybersicherheit zum Schutz ihrer Systeme einzusetzen. Abläufe für das Risikomanagement und die stetige Auditierung sind ebenfalls vorgeschrieben. Branchenspezifische Orientierungshilfen für die Umsetzung der hohen Anforderungen bieten die von den Verbänden formulierten B3S . Sie definieren empfehlenswerte Sicherheitsstandards und sind idealerweise vom BSI auf Eignung geprüft.
Affected KRITIS companies face heavy fines
If KRITIS organizations violate the regulatory requirements, they face severe fines of up to 20 million euros or up to 4 percent of the annual turnover achieved worldwide, whichever is higher. For the uncontrolled flow of sensitive personal data, the penal code also provides for fines and even imprisonment, with which the responsible managers can also be prosecuted.
Myra Security offers professional protection solutions for KRITIS
ISO 27001 (based on the BSI basic IT security regulations)
fully BSI-KRITIS qualified
Security operation center
24/7 full-service support from our IT experts
quick implementation and easy operation
Made in Germany
German manufacturer & GDPR-compliant
Many years of KRITIS experience
Myra is specialized in the protection of KRITIS
Technologies for KRITIS protection:
Myra DDoS Protection automatically protects online applications, websites, and the DNS servers and IT infrastructure required for communication. Myra is one of the only BSI-certified DDoS protection providers worldwide that completely fulfills all of the performance requirements. As such, highly sensitive infrastructure is in safe hands with Myra.
As an upstream filter, Myra Web Application Security protects your web applications. Malicious traffic is filtered before it reaches your servers or cloud architecture. Using Myra multi-fingerprinting, any applications attempting access are uniquely identified and visualized in Myra Analytics in real time.