Certifications validate WithSecure™’s unique security engineering expertise in developing mission critical ICS components
Helsinki, Finland – May 9, 2019: Cyber security provider WithSecure™ has earned two new International Electrotechnical Commission (IEC) certifications that recognize the company’s expertise in developing secure components for industrial control systems (ICSs). The certifications, IEC 62443-4-1 and IEC 62443-4-2, define the cyber security requirements for the development lifecycles and products used in industrial control and automation systems.
“Our security engineering process is a unique blend of security consulting and R&D, built on decades of experience that allow us to create secure, production grade products, from initial design all the way through implementation and deployment,” says WithSecure™ Head of Hardware Security Andrea Barisani. “Security is embedded into the foundation of everything we develop rather than added as an afterthought, and this is how we are able to provide secure components that safety critical industries, such as energy and transportation, can trust.”
Barisani’s team earned the certifications for a newly developed, proprietary data logging solution. The solution, designed for use in the maritime, aviation and automotive industries, collects data from vessels, aircraft or vehicles, and securely stores it in a central location. It also leverages concepts from data diodes that help contain attacks aimed at accessing industrial buses: even in worst case scenarios, the solution prevents attackers from using it to gain control over safety critical systems.
ICSs are long term investments for organizations working in a variety of industrial sectors, including energy, manufacturing, and transportation. Securing these systems can be a challenge due to their lengthy lifespans and critical role in operations. But as noted in a recent F-Secure report on the energy industry, the increasing level of connectivity found in ICSs and their surrounding IT environments makes securing these systems more important than ever.*
According to Barisani, earning internationally recognized certifications is difficult and time consuming, but important in order to help assure companies that what they are paying for will meet their security and business needs.
“Obtaining certifications like these is a long, hard fought journey, especially on a highly technical solution conceived and developed with practical, pragmatic security in mind. We’re proud to be among the few cyber security companies offering a certified solution that maintains, uncompromised, every facet of the security foundations it was built upon, thanks to the careful orchestration of our technical team with the certification process,” says Barisani.
More information on WithSecure’s hardware security services is available here.
*Source: https://blog.f-secure..com/cyber-attack-powerlessness-in-the-energy-industry/
WithSecure™ media relations
Adam Pilkey
+358406378859
About WithSecure™
WithSecure™, formerly F-Secure Business, is cyber security’s reliable partner. IT service providers, MSSPs and businesses – along with the largest financial institutions, manufacturers, and thousands of the world’s most advanced communications and technology providers – trust us for outcome-based cyber security that protects and enables their operations.
Our AI-driven protection secures endpoints and cloud collaboration, and our intelligent detection and response are powered by experts who identify business risks by proactively hunting for threats and confronting live attacks. Our consultants partner with enterprises and tech challengers to build resilience through evidence-based security advice. With more than 30 years of experience in building technology that meets business objectives, we’ve built our portfolio to grow with our partners through flexible commercial models.
WithSecure™ Corporation was founded in 1988, and is listed on NASDAQ OMX Helsinki Ltd.