by Sükrü ilkel Birakoglu, Senior Director
With the introduction of the IT Security Act 2.0, the BSI demands, among other things, the mandatory introduction of security monitoring and remediation solutions such as a SIEM system for companies with critical infrastructure.
A SIEM (Security Information and Event Management) solution is software that can be used to collect, analyze and correlate security-related data from various sources in real time.
What is the BSI act, KRITIS, and NIS2?
Due to the tightened IT security obligations and increased penalties, in particular the numerous amendments to Germany’s central IT security law – the Act on the Federal Office for Information Security (Gesetz über das Bundesamt für Sicherheit in der Informationstechnik (BSI-Gesetz), “BSI Act“) – are relevant for both the operators of critical infrastructure already covered by the BSI Act but also companies active in the area of municipal waste disposal, manufacturers of IT products used in critical infrastructures, and companies in the special public interest.
- KRITIS (Kritische Infrastrukturen) sector in Germany refers to industries and services considered vital for society and economy: energy, transportation, health care, finance, and telecommunications.
- NIS2 directive is an EU regulation that aims to improve the security of these critical infrastructure networks and systems.
- NIS2 directive requires organizations in the KRITIS sector to take appropriate security measures and report significant incidents to the relevant authorities.
- NIS2 directive establishes a framework for cooperation and information sharing between member states to enhance the overall security of the EU’s critical infrastructure.
The benefits of a SIEM solution
In the world of IT outside of the ERP systems such as server, desktop, intranet and external web applications, the classic non-SAP IT, SIEM solutions have been used for quite some time. It is relatively a new approach to connect Business Critical Systems ( e.g. SAP, Oracle, MS Dynamics) into SIEM Systems. Logpoint is a pioneer in this field and has connected SAP Logs into state-of-the-art Logpoint SIEM.
In our solutions, we combine the best of our experience with SIEM for classic IT and the specific requirements of the SAP landscape.
Securing SAP solutions and KRITIS
Logpoint offers an SAP Security Monitoring Solution which can be implemented very quickly not only for big companies but also for Small and Medium Sized Companies (SMEs). The flat cost structure of the solution and cloud based or on-premise SIEM implementation makes the solution particularly interesting for SMEs that must meet the KRITIS requirements of IT Security Act 2.0 from the BSI.
Advantages of Logpoint’s SAP Security Monitoring Solution:
- Remote Connection Technology to SAP Systems with zero-installation on SAP System Landscape
- Easy Configuration and Deployment
- Cloud Based SIEM on request
- Out-of-the Box Use-Cases and Dashboards for SAP Security Monitoring
- Solutions spanning SAP On-Premise (ERP, S/4HANA, CRM, BW, SRM) and Cloud Systems (SAP SuccessFactors, SAP BTP)
- SIEM and SAP Security knowledge
- Advanced Technologies e.g. UEBA for SAP, SOAR for SAP
If your company must meet the KRITIS requirements and you need an easy-to-install cybersecurity solution, contact us. Take Tour.