Successful KRITIS audit: Allgeier secion reviews IT security measures of Stadtwerke Tuttlingen
by Tina Siering
As an energy and water supplier, Stadtwerke Tuttlingen is part of the critical infrastructure (KRITIS). According to § 10 paragraph 1 BSIG (BSI Critical Infrastructure Ordinance), they must therefore meet particularly strict, legally prescribed security requirements in the area of IT security, among other things. In order to subject their IT protection measures to a comprehensive security review, the municipal utility chose Allgeier secion as a "technically competent project partner".
Allgeier secion's IT security experts then conducted a penetration test. As part of this white box audit, the entire technical IT infrastructure of Stadtwerke Tuttlingen was checked by means of an automatic vulnerability scan as well as a manual vulnerability analysis. In addition, an individually designed phishing campaign served to sensitize all employees to fake communications from cybercriminals. It became a veritable "wake-up call" for the employees.