Cybercrime is an increasing threat
Silent and often invisible, cybercrime is an increasing threat to both information technology and industrial control systems, in a range of critical industries. Any company can expect to fall victim to cybercrime at some stage. Cyber threats come from many different actors exploiting vulnerabilities within processes, organization (including people) and technology. The consequences are often comprehensive as the financial or reputational issues arising from such events can be hugely damaging. It is vital to apply a broad view to potential cyber threats.
Our cyber security services help protect your assets
DNV GL is an independent advisor on cyber security for critical infrastructure in all industries. We provide services that help you identify your most valuable assets, quantify and manage risk, achieve compliance and improve business performance. We focus on organization, processes, technology and people to ensure that you are in control, protecting critical operations and ultimately the bottom line.
- Gain valuable insights into your cyber security risk picture through our risk assessment, advisory and training services
- Identify data and information risk, leveraging our ontology and semantics experts
- Verify that systems and products are secure and aligned to best practice by performing penetration testing, through ICS component/system certification and product assurance in accredited labs
Cyber security approach
With the increasing convergence between IT and OT (operational technology), in addition to outsourcing of services, both the IT and OT domains are becoming more exposed to cybercrime. When cyber security risks materialize into actual incidents, this can impact not only performance, but also safety and the environment.
Comprehensive knowledge of the company's assets, and the value of these, is essential for further security risk assessments. During the risk assessments, it is important to identify threats and vulnerabilities and validate the presence of appropriate mitigation barriers. After the assessment, appropriate security measures need to be evaluated and implemented. This could be rectification of operational processes, access restrictions, increased requirements to vendors, pen testing, technology upgrades, awareness training of people and more.
DNV GL’s approach is founded on wide industrial expertise and experience with cyber security, information technology, industrial control systems and networks. DNV GL understands and applies the relevant best practices, standards and regulations, such as ISO 27000, NIST 800, and IEC 62443 standards, GDPR regulation and relevant security legislation.
DNV GL - Your independent advisor on cyber security for critical infrastructure
- Bringing industry together to create best practice
- Specialized ICS cyber security competence for your industry
- Pragmatic solutions to target the largest risk reductions
Due to the increasing pressures from external and internal threats, organizations responsible for critical infrastructure need to have a consistent and iterative approach to identifying, assessing, and managing cybersecurity risk. This approach is necessary regardless of an organization’s size, threat exposure, or cybersecurity sophistication today.”