Niemann, Laura and Wellßow, Arlena and Kuchenbuch, René and Werth, Oliver and Uslar, Mathias
Wirtschaftsinformatik 2024 Proceedings
The integration of information and communication technology (ICT) into the energy grid, making it the smart grid, necessitates enhanced security measures due to the potential impact of component failures on critical infrastructures. To ensure comprehensive security coverage, organizations should establish information security measures. There are various guidelines available that describe information security measures. It is important to compare the various information security guidelines in this area to ensure comprehensive information security. This paper compares NISTIR 7628 with the ISO/IEC 27000 family and the German IT Grundschutz Compendium. A security recommendation table is created to systematically identify variations in security requirements across these standards. The discrepancies between ISO/IEC 27002 edition 2013 and 2022 are also considered. The identified differences are highlighted and emphasized, and it is demonstrated that a uniform language for the different documents would be beneficial.