STOP-IT - Detail page

Home
FT
SP Wizard
- Risknought
Lists
- Measures
- Events
- Tools
- ST Procedures
Search
Login

Measure: SecureOutsourcing

Description

Assurance of IT security in case of outsourcing by setting-up appropriate agreements with the respective companies. By these agreements it is guaranteed that also the respective external companies comply with the relevant security guidelines. Thereby it is ensured that emerging risks due to the outsourcing process are minimized.

Comments

The agreement should ensure that the commissioned company complies with a sufficiently acknowledged security standard (e.g. the German IT-Grundschutz [IT-Basic Protection]).

Event source type

External supplier

Event type

Manipulation

Risk reduction mechanism

Frequency/Likelihood & Consequences

Threat Types

Cyber
Cyber-Physical

Action characteristics

Proactive

Measure types

Cyber Barriers
Control System
Action and Crisis Management Plans and Training

event_ measures

Event-Measure: 100986
Event-Measure: 101470

Event Consequences

Quantity
Quality
Financial

Asset types

Drinking Water Network
Drinking Water Tanks
Pressure Boosting Station
Water Abstraction Points
Water Treatment Plants

Events

Basic Event 227 - Fake news about contamination in WTP using manipulated water company public communication
Basic Event 240 - Upadate of OS causes false positive alarms from Event Detection System

Specific Assets

Control System
Sensor
Server
Transferred Information
Transmission Devices

Measure ID

M63

Name

SecureOutsourcing

Risk reduction mechanism

Frequency/Likelihood & Consequences

Action characteristics

Proactive

This project has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No. 740610. The publication reflects only the authors' views and the European Union is not liable for any use that may be made of the information contained therein. All illustrations in the homepage are attributed to rudall30/Shutterstock.com.