The updated versions of two BSI minimum standards are available for verinice: The minimum standard for using external cloud services and the minimum standard for logging and detecting cyber attacks. Both are available free of charge in the verinice shop for use in verinice (German only).
The minimum standard for the use of external cloud services formulates security requirements according to § 8 para. 1 BSIG. It addresses the two scopes of use and shared use of external cloud services. In version 2.1 the implementation notes and the reference table have been updated based on Edition 2022 of the IT-Grundschutzkompendium.
In version 2.0, and with it a completely new structure, the minimum standard for logging and detecting cyber attacks is available. It is intended to ensure a uniform approach to the detection of cyber attacks and substantiates the building blocks OPS.1.1.5 Logging and DER.1 Detection of security-relevant events from the modernized IT-Grundschutz. A significant innovation is the extensive integration of the "Logging Guideline for the Federal Government" (PR-B), which was previously available as an annex.
The minimum standards of the Federal Office for Information Security (BSI) are primarily aimed at the federal administration. Other organizations such as state administrations or companies can also achieve a minimum level of security with their help. Companies and authorities that follow the BSI minimum standards benefit from a clear structure and orientation as far as ensuring the security of data and systems is concerned. Working with the minimum standards in the ISMS tool verinice also offers all the advantages of centrally managing information security - users can focus fully on implementing security requirements.