For operators of critical infrastructure, security concepts ensure that protective measures work in day-to-day operations and take effect in an emergency. This requires clear protection objectives, risk assessment, and responsibilities. Measures are integrated into operations and processes to protect sites and workflows against unauthorized access, sabotage, and disruptions. This is the core of security concepts for operators of critical infrastructure.
Securing critical infrastructure: 3-core at the PROTEKT conference
Operators of critical infrastructure must think about resilience holistically today, from business continuity management and crisis organization to physical security in operations. This is exactly what Stefan Erdweg, Managing Director of 3-core, shared insights on at PROTEKT, based on real project experience from implementation in security-critical environments. In this article we show the most important practical levers that help operators become more resilient quickly.
Practical challenges for operators of critical infrastructure
PROTEKT makes one thing very clear: in practice, resilience does not fail only because of processes, but often because of missing expertise, unsuitable tools, or systems that do not work together properly. At the same time, you quickly notice that even the best technology does not help much if responsibilities are unclear and routines are not actually lived in everyday operations. In many conversations with operators and customers of 3-core, this exact tension came up. You need the right tools and the right competence, but just as much clear responsibilities and routines that really hold up in an emergency. That is why it pays off to set priorities and build solutions so that they work in normal operations and do not fall apart under stress.
Why operators of critical infrastructure now need to think about resilience holistically
For operators of critical infrastructure, a little security is no longer enough because disruptions today rarely stay neatly in one box. A cyber incident impacts operational processes, a technical failure becomes a communication problem, and a physical event affects access control, staff and supply chains at the same time. Anyone operating critical infrastructure therefore needs a resilience system that not only protects, but also provides direction during an incident and brings operations back on track in a stable way.
That is what it is about. Prevention, response and resilience have to fit together. Prevention means assessing risks realistically and implementing protective measures in a way that works in everyday operations. Response means being able to act quickly during a disruption, with clear responsibilities, alerting, a shared situational picture and coordinated communication. Resilience shows in whether critical services can continue in emergency operations and whether recovery and restart are planned, tested and demonstrable. For operators of critical infrastructure, this is not an extra; it is part of operational capability.
From our project experience with operators of critical infrastructure, we repeatedly see typical issues:
- Technology alone fails when processes and roles do not follow. Even good tools help little if responsibilities are unclear, escalation paths are missing, or decisions come too late.
- Organization fails when measures cannot be integrated into operations. What sounds good on paper has to fit shift work, service providers, maintenance windows and complex system landscapes.
- Documents alone fail when they are not tested, exercised and updated. Plans only become robust through exercises.
Emergency response management for critical infrastructure
Emergency response management for operators of critical infrastructure is the response to disruptions, planned in advance, in order to limit damage and stabilize operations quickly. It defines responsibilities, alerting and escalation, as well as the first measures, so that structured action is possible in an emergency.
Crisis management for critical infrastructure
In exceptional situations, the entire organization must remain able to act and make decisions. Crisis management for operators of critical infrastructure provides clear roles, for example a crisis management team, structured situational management, practiced routines, and aligned internal and external communication.
Business Continuity Management (BCM)
To ensure that critical processes can continue during prolonged disruptions or be restored quickly, a systematic approach is needed. Business continuity management (BCM) for operators of critical infrastructure includes, among other things, business impact analyses, emergency operations and restart strategies, documented plans, and regular tests and exercises to verify effectiveness.
Next steps for critical infrastructure operators
- Use the 3-core quick check for the KRITIS Umbrella Act as an entry point to determine applicability and the next steps.
- Derive applicability, protection objectives, and priorities and document them in a clear overview of measures.
- Set up or sharpen the emergency and crisis organization, including roles, alerting, escalation, and communication.
- Define BCM and restart for critical processes in more detail and translate them into routines and responsibilities.
- Transfer physical security measures into an integrated security concept and embed it in operations.
- Run exercises, tests, and training to strengthen routines, verify effectiveness, and continuously improve measures.
What is PROTEKT and why is it relevant for operators of critical infrastructure?
PROTEKT is a specialist conference where physical security, security organization, and IT and cyber topics are considered together. For operators of critical infrastructure, this close integration is crucial because resilience only works when technology, processes, and operations work together.
What does “KRITIS companies” mean in practice?
It refers to organizations whose disruption or failure can have significant impacts on the continuity of essential services and public security. In practical terms, this means higher requirements for security posture, crisis management capability, and verifiability and auditability, often across multiple disciplines.
How can I tell whether my company is affected as a critical infrastructure operator?
It depends on your sector, your role within the supply network, and the specific criteria and thresholds that apply. In practice, it starts with an applicability assessment: identifying critical processes, assessing dependencies, and defining responsibilities for implementation.
Which three topics are most important for operators of critical infrastructure from 3-core’s perspective?
First, business continuity management with clear emergency operations and restart plans. Second, crisis management with practiced roles, a shared situational picture, and communication. Third, physical security measures that are integrated into operations, including zoning, access control, detection, and response.
What is a good first step if we are unsure where we stand?
A structured quick check: capture critical processes, responsibilities, existing plans, exercise maturity, and the current physical security posture, and derive a prioritized package of measures from that. This is how you quickly gain clarity without resorting to firefighting.


