KÜRT is a part of the “Ipar 4.0” concept design,
and is involved in several working groups of the National Technology Platform as well.
Ipar 4.0 is an innovation trend that spans the entire range of modern industrial production through
- the interconnection, networking and coordinated control and regulation of systems and their constituent cyberphysical devices;
- the intelligent collection, analysis, processing and utilization of data generated in the manufacturing processes;
- maximizing the potential of automation; and
- the cross-industry connection and digitization of producer value chains.
Ipar 4.0 offers more than just a vertical integration within the manufacturing unit; it also offers horizontal integration between different manufacturers, suppliers, and companies. IT is one of the key factors in implementing the Ipar 4.0 concept plan.
In the context of Ipar 4.0, KÜRT’s aim is to enable its clients to benefit from the advantages of Ipar 4.0 while keeping their data, processes and systems safe.
The activities listed below are also supported by KÜRT’s proprietary SeCube IT GRC software, LogDrill log analyzer application and PetaPylon appliance system.
1. Risk management
We support the mapping and risk-based management of risks jeopardizing the confidentiality, integrity and availability of data assets in vertically and horizontally connected systems as well as the development and maintenance of an information security management system responsible for the organization’s long-term information security.
We help you comply with the legislation on critical information infrastructures, the provisions of the Information Security Act, the ISO 27001 standard, the EU General Data Protection Regulation (GDPR) as well as all other industry and corporate standards and regulations.
3. Process optimization – business impact analysis (BIA)
Process optimization requires the assessment of the processes and the exploration of their relationship and interdependency. Business impact analysis (BIA) allows for mapping the extra damage resulting from the interdependence of systems at times when the system involved in business activities and the associated data assets are damaged.
4. Business Continuity Management (BCM)
Business continuity management (BCM), which combines business continuity planning (BCP) and disaster recovery planning (DRP), aims to prepare the organization
- for addressing events that threaten the planned execution of business processes typical of normal operation;
- for maintaining critical levels of processes and functions in the event of an incident; and
- for preparing to relocate to replacement or alternative systems in case of damage or shutdown with the least possible loss.
5. Production continuity management (PCM)
Production continuity management ensures that critical points and processes are identified and makes it possible to define the framework for optimum operation, to minimize downtime and to guarantee post-disaster recovery. Its methodology is basically the same as the BCM project methodology.
6. Log management
The collection and analysis of log files is of utmost importance for the perspective of information security. An effective log management serves both the prevention and management of incidents, while ensuring the possibility of subsequent investigation. The analysis of log files goes beyond security issues.
7. Vulnerability management
Vulnerability management as an activity enables the detection of vulnerabilities that may cause damage to the organization’s business and production systems. As a result of the testing conducted using multiple methods, a comprehensive report is prepared on the shortcomings detected, which includes recommendations for tasks required for fixing bugs and vulnerabilities as well as suggestions for the hardening of the system through the application of safe settings.
8. IT forensics
IT forensic is a digital tracing activity aimed at retrofitting security incidents that prevent the optimal functioning of IT systems and at collecting evidence. We conduct our investigations using industry-leading data recovery, ethical hacking, log analysis and risk management methods.
9. Information security training
In addition to the state-of-the-art equipment and protection system, the human factor is the most critical with respect to the protection of industrial systems. Our customized training service aims to minimize the risk to the organization generated by the human factor and prepare the employees for using the IT environment in a consciously safe manner.
10. Quality assurance of IT developments
In the field of IT developments, the implementation of safety expectations and return on expenditures are important considerations. We are able to help your organization right from the onset of the planning phase since we have gathered extensive knowledge and experience in the field of information security and quality management of IT developments.