DEKRA recognized to assess and certify cyber security in industrial automation
Arnhem, September 28 – The European Commission considers IoT devices currently designed and produced to not be equipped adequately in terms of cyber security. As the first organization in Europe, DEKRA was recently recognized to assess and certify against the latest cyber security require-ments in industrial automation, helping manufacturers, operators, and in-tegrators already meet some of the upcoming EU legislative challenges.
The first EU-wide legislation on cyber security, the Network and Information Sys-tems (NIS) directive, and the NIST Cyber Security Framework (NIST CSF) in the US, will both come into effect in 2018 and are mandatory.
The conformity assessment according to the IEC 62443, recently launched by the global IECEE certification scheme, already allows manufacturers, integrators, and operators of automation products and critical infrastructures to prepare for the basic cyber security requirements as laid out in the new EU directive and US framework.
Compliance with IEC 62443 demonstrates that organizations and products im-plement security best practices and achieve a level of security appropriate for the particular application. DEKRA is the first European organization that has been recognized to perform assessments and issue certificates against IEC 62443. IEC 62443 is the leading security standard not only for industrial automation, but for healthcare and industry 4.0 applications as well.
"The economic impact of cyber crime is already far larger than we can imagine. We work to make sure people and businesses stay safe when they use technol-ogy, now and in the future", adds Bert Zoetbrood, CEO of DEKRA's global Prod-uct Testing & Certification unit. The recognition fits seamlessly with the devel-opment of DEKRA's evolving global cyber security competence center.
European Commission working on updates
The European Commission is currently working on updating their cyber security strategy, which dates back to 2013. In addition, they recently proposed a regula-tion for the cyber security of information and communication technology devices: the Cyber Security Act. More specific proposals on different issues will be published in the coming months.
For more information, visit the Cyber Security Program page