Skip to content
Search our site  

    Cyber Security and the Internet of Things

    Research firm Statista estimates that the total number devices connected through the Internet of Things (IoT) will surpass 21 billion worldwide by 2025. But the growing IoT footprint has also become a prime target for cyber attacks by hackers and criminals.

    Contact Us for Help

    Fortunately, there are several internationally accepted standards to help manufacturers secure their devices.

    • EN 18031 series — This is the new European standard that will be mandatory for compliance with RED cybersecurity requirements from 1 August 2025. The standard was published in August 2024, but due to comments from the EU HAS consultants, the standard has not yet become an EU harmonized standard. This means that the standard cannot yet be used for self-declaration by the manufacturer and a Notified Body must be used.  Nemko provides service for this standard today, both for testing to the standard and as Notified Body for RED
    • ETSI/EN 303 645 — These European standard details outcome-focused best practices for the security of Internet-connected consumer devices to provide flexible security measures.
    • IEC 62443 — This series of standards focuses on the cyber security of various aspects of industrial communications networks, including industrial automation and control systems and components, as well as requirements for IACS service providers.

    How Nemko Can Help

    Nemko can test connected systems and devices according to the requirements and best practices detailed in ETSI/EN 303 645 and has specifically developed two testing and approval services for unique cyber security situations.


    Cyber Security Product Attestation

    This service provides a trusted, third-party cyber security verification method for manufacturers of custom products and components, as well as those who do not require certification. (For detailed product description, please contact Nemko)


    Cyber Security Product Certification

    Beyond testing according to ETSI/EN 303 645, this service includes an initial audit of the quality assurance system, as well as annual surveillance audits to ensure ongoing compliance. The huge benefit of this arrangement is that it allows the manufacturer to make certain updates to the product whilst maintaining the validity of the certificate. This is particularly useful for IoT products which are frequently updated. (For detailed product description, please contact Nemko)

    Based on requests from customers, we have developed three services that can help you get a good head start on the new cyber security requirements.


    Gap analysis report
    We do a GAP analysis of your product against the standard and provide a list the shortcomings and how you should address these. Such gap analysis may be combined with below trainings and workshops.

    Training

    At Nemko, we have identified the most relevant standards and requirements to meet the regulations. We can take you on a “guided tour” through the standard(s) including examples of solutions.


    Workshops

    We apply each clause of the standard to your specific product. Workshops are a very concrete and useful way to assess incompliance as they are based on one of your existing products.

     
    Nemko Cyber Mark
     
    The Nemko cyber secure mark verifies, in a simple and visible way for the buyers, the compliance of the product to the cyber security IoT standard ETSI/EN 303 645.
     

     

    Common Criteria scheme

    In addition to these services, Nemko can also provide testing and certification services according to the Common Criteria Scheme

    Cyber Security IoT Webinar

    On-demand webinar

    What will the new cyber security standard for IoT require? 

    Start preparing for the new cyber security requirements for CE marking through this introduction to the ETSI EN 303 645 standard on Cyber security for consumer Internet of Things.

    Click to watch

    Benefits of Working with Nemko

    Partnering with Nemko can provide your organization in addressing the challenges that occur in today's cyber security landscape.

    Recognized Cyber Security Expertise

    Acquired by Nemko in 2020, Systemsikkerhet is Norway's first information security consultancy and is one of only four information security testing laboratories recognized by the Norwegian National Security Authority.

    Active Involvement in Standards Development and Implementation

    Nemko’s team of experts have developed state-of-the-art cyber security standards and protocols, and are knowledgeable about all new, emerging requirements.

    Single Source Solution

    With its combined expertise in cyber security, product safety, Radio/Telecom and electromagnetic compatibility (EMC), Nemko is a robust source for manufacturers.

    Global Support

    Nemko helps to support your global market access efforts, offering more than 30 locations across six continents around the world.

    For more information

    Learn more about how Nemko can help your organization meet current and emerging cyber security challenges

    Contact Us for Help