ViVeTech Zrt. is preparing to enter the German market with software developed entirely in Hungary. The software ensures the simple and cost-effective implementation of the ISO27001 information security standard for critical infrastructure providers, supports certification and the operation of the quality management system. The introduction of the software greatly helps to protect critical infrastructure operators against cyber-attacks and to comply with legal requirements. Besides the German market, the company is gradually planning to enter the market in other EU member states, following legislative changes in the governments of these states.
Critical Infrastructure (CI) IT security issues have come to the attention of governments in most of the EU member countries. Critical infrastructure includes organizations performing vital social functions that are essential for public health, public safety, national security, and basic economic life. A comprehensive study commissioned by the European Commission last year concluded that senior government and business leaders, national security experts, NGOs, and research institutes involved in research considered cyber-attacks to be the most serious threat to critical infrastructure - even ahead of power outages or natural disasters. Critical infrastructure providers' computer systems have traditionally been very vulnerable to cyber-attacks. The seriousness of the problem is well illustrated by the fact that a recent Hungarian survey revealed serious security problems in more than two thousand Hungarian industrial systems. The situation at EU level is not much better either.
In 2004 the EU adopted a program for the protection of European Critical Infrastructure, followed in 2008 by the adoption of a directive on the subject (2008/114 / EC). The Directive required member states to monitor the quality of RI risks on an ongoing basis and forces them to report on the activities carried out to reduce the risks. At present, apart from the directive, there is no uniform EU regulation on the quality assurance standards of CI, the member states have developed it by themselves. A similar piece of legislation is being prepared in Hungary, but within the EU, Germany is at the forefront of creating a legal environment. Authorities primarily expect service providers to obtain ISO27001 and so-called BSI certification.
ViVeTech has been providing IT security services to Hungarian CI providers for several years, and based on their experience, they are developing a software that helps CI providers comply with the law. The 100 percent Hungarian-developed ViVeSec software is a fully automated service that enables the simple and cost-effective implementation of the ISO27001 information security standard. A special advantage is that it can be flexibly adapted to the different regulatory requirements of different countries.
"We plan to appear on the German market for the first time with our ViVeSec solution, as the legal regulations are already sufficiently advanced there," said Miklós Márton, CEO of ViveTech Zrt. According to Miklós, there are thousands of companies, service providers, and institutions in Germany alone that need to obtain ISO certification in a short period of time, making it an ideal market for ViVeTech. At the EU level, billions of euros will be spent on cybersecurity and compliance in the coming years. The company plans to start selling the software in Germany in the second half of 2021.
ViVeSec enables an organization to quantify IT risks, threats, and vulnerabilities. It provides information security officers with up-to-date information and helps them manage and share reports on the data security status of their organization. The software fully supports compliance with the ISO27001 standard and the industry- and country-specific requirements required by BSI - including the implementation of an information security management system, obtaining certification, and maintaining the system, as well as continuous quality control.
Miklós Márton emphasized: the advantage of the ViVeTech solution is that it does not require a physical presence, the quality assurance process takes place online and in the cloud. This not only saves CI providers significant costs but also eliminates the risks associated with the COVID-19 pandemic. The Hungarian company is constantly monitoring the legislative processes of the EU member states. If regulations, similar to the German ones, come into action, they will also start selling the ViVeSec software.
 EY (2019). Evaluationstudy of Council Directive 2008/114 on the identification and designation of European critical infrastructures and the assessment of the need to improvetheir protection, Annex I.