Global Market Access: Nemko Group AS Testing Services

Secure IoT with Nemko's New Cyber Security Certification Service

Written by Geir Hørthe | October 1, 2020

With the exponential growth of the Internet of Things (IoT), the vulnerability of billions of IoT devices to cyber attacks is increasing. Nemko has now launched a cyber security certification service based on the new European standard “Cyber Security for Consumer Internet of Things”.

Large corporations have already suffered the consequences of hacks, with intruders gaining entry to core financial systems and credit card data. Open backdoors have been found in poorly secured ‘minor’ IoT devices, such as air-conditioning units, printers and even the thermometer of a lobby aquarium.

Manufacturers of IoT devices have in recent years had vague cyber security regulations to follow. They have seen an increasing number of different customer requirements and an array of guidelines from dozens of third parties. A standardised set of requirements has been a pressing need.  

Nemko’s new IoT cyber security certification is based on the European standard (ETSI/EN 303 645), which was published in June this year.

Nemko’s customers can now achieve an overall certification to demonstrate compliance with a common European cyber security standard. This simplifies the process and provides the proof and documentation they need towards the market and their customers.

Per Ove Øyberg, CEO, Nemko 

 

Read more about the EU cyber security certification framework

Certifications make it possible to simplify trade by having a common and defined set of requirements, demonstrate security to customers and ensure regulatory compliance. They make products safer by finding vulnerabilities in the product design, such as a hardcoded password, ports that are unnecessarily left open, radio transmissions that give information to a possible outside listener or a lack of secure solutions for closing future vulnerabilities.

The first customer to achieve the new cyber security certification is the Norwegian IoT manufacturer Datek, one of Norway’s leading providers of IoT products and solutions. Datek delivers solutions to private companies and the public sector both in Norway and internationally.

 

We’re very satisfied with this project and the cooperation with Nemko. We believe the new certification scheme will lift the quality of the products and increase consumer trust in connected devices.

Espen Westgaard, CTO, Datek

In the initial project, Nemko evaluated a Datek gateway for smart houses. Early input from Datek was important for determining the best work processes and methodology for the assessment, using a standard with a common and defined security level. Nemko performed evaluation of the product design and solutions, and the testing was done on Datek premises.

 
 
 
Nemko's Geir Hørthe hands over the first cyber security certificate to Datek's CTO Espen Westgaard after a successful pilot project. 
 
 
 
 
 
As future changes to the product can affect the security and trigger a new evaluation, Datek will also take advantage of Nemko’s solution enabling assessment of minor updates in-house, with an audited quality assurance system. This allows Datek to control long-term costs while maintaining a secure position.
 
 
Read more about The EU cybersecurity act and The EU cybersecurity certification framework
 
 
 
View full post