Cyber Security Strategy 

Cyber security is of critical importance for any C-level manager to secure brand, customer relations and revenues. Security is always relative and never free. Digitalization and cyber security belong together. Together with you, we analyze the digitalization opportunities of your operations, services and products. We support the definition of your security strategy according to your regulatory and market constraints.

Cyber Security Strategy, OT Systems, IEC 62443, ISO 27001, Security Framework

Security Frameworks

The EU legal security framework is NIS 2.0, which addresses Sectors of High Criticality and Other Critical Sectors. The governance shall be effective in all EU Member States on 17th of January 2025. In Germany, the IT-Sicherheitsgesetz 2.0 BSIG regulates security for critical infrastructures. BMSD is experienced in designing compliant security solutions for critical IT and OT infrastructures according to CC-EAL, ISO 27001 and IEC 62443.

Common Criteria Evaluation (CC-EAL) 

CC-EAL is the underlying principle of all security evaluations. CC Version 3.1 is specified and published as IEC 15408. CC-EAL specifies rules for security targets, protection profiles and the evaluation requirements. The Target of Evaluation (TOE) contains the core security functions such as cipher suites, key generation and storage, as well as the Root of Trust (ROT).

ISO 27001

ISO 27001 is the basic security standard; its focus is on the Information Security Management System (ISMS), the operation processes and IT services. ISO 27001 is used as the basic requirement set for the VDA-ISA / TISAX and several BS3 sectors.

IEC 62443 

IEC 62443 is the BSI-recommended standard for Industrial Control Automation Systems (IACS). It covers the ISMS and the Operational Technology (OT). It sets role-specific processes for operations (asset owners), service providers and product manufacturers.