Cyber Security Incident Response Team
IT Security in PROFIBUS & PROFINET International
The increasing networking of production facilities increases the risk of cyber-attacks. The communication technologies specified and supported by PROFIBUS & PROFINET International (PI) are also exposed to this risk. In order to counter this risk, the PROFIBUS Nutzerorganisation e.V. operates a Cyber Security Incident and Response Team on behalf of PI (PI-CSIRT)..
- The PI-CSIRT provides information and support to PI member companies and users of PI's technologies. This includes assistance in implementing proactive measures to reduce the risk of computer security breaches and to respond to such breaches or incidents as soon as they occur. The PI-CSIRT is also intended to serve as a contact for the regional PI Associations (RPAs).
- The PI-CSIRT sees itself as an intermediary between technology suppliers, component manufacturers, system manufacturers and users of the technologies of PI.
- The PI-CSIRT serves as a contact for other CSIRTs / CERTs as well as other national and international institutions (e.g. BSI, ENISA) in questions concerning the PI technologies and maintains corresponding contacts with these institutions.
The special role of the PI as a manufacturer association means that the PI-CSIRT sees its focus on the handling of weaknesses in the specifications of the technologies of PI and that the handling of product-dependent weaknesses is the responsibility of the respective technology, component or system suppliers. In this case, the PI-CSIRT will provide the necessary support to forward incoming vulnerability reports to the appropriate addressees and to provide appropriate feedback to the reporting person / company.