Kaspersky Industrial CyberSecurity for Networks has achieved certification against international standard IEC 62443-4-1 for the secure software development lifecycle of industrial enterprise solutions, following independent assessment by TÜV AUSTRIA. The certification is awarded to those software products which meet a number of high-level requirements for protecting industrial process control systems in modern production facilities.
The needs and expectations of the industrial sector when it comes to cybersecurity are understandably high, with the smooth and efficient running of production lines and manufacturing operations hugely disrupted if mission critical systems are affected by cyberthreats. A reliable and robust cybersecurity solution is crucial, and part 4-1 of the IEC 62443 standard is designed to give manufacturers, integrators and plant operators across the globe confidence that the software measures they put in place to mitigate risk within industrial environments are based on the highest levels of product design, quality, safety, implementation and decommission.
To gain certification, Kaspersky Industrial CyberSecurity for Networks underwent an independent audit conducted by TÜV AUSTRIA, which reviewed the entire lifecycle of the product and the secure and structured approach taken to software development. The assessment was based on more than four dozen metrics which determined the level of maturity awarded to the solution. The criteria covered design, implementation according to guidelines, testing and validation, elimination of deficiencies and safe decommissioning.
“TÜV AUSTRIA is among the first closing the gap between IT and OT security offering a holistic audit approach covering all aspects. IEC62443 defines a new level of reliability for OT security process networks also focusing on high quality software development covering the whole lifecycle. Conducting the audits we found a highly skilled and professional software development environment laying the cornerstone for high quality software products. The successfully conducted audits prove that Kaspersky’s software development processes ensure high levels of quality to address the various levels of risks and vulnerabilities in the industrial sector,” commented Detlev Henze, head of TÜV AUSTRIA Group’s TÜV TRUST IT GmbH.
“Conformity to IEC62443 international standards is of course the key to providing wide access to high-tech world markets and letting software products be incorporated in high-level industrial automation systems of Industry 4.0 level,” added Dmitry Yartsev, director general of TÜV AUSTRIA office in CIS.
Kaspersky Industrial Cyber Security for Networks confidently achieved the Third Maturity Level for secure development processes, demonstrating documented processes that are repeatable and consistently followed. The solution did however also tick many of the boxes associated with level four attributes which relate to the improvement of processes.
Mr. Stephan Neumeier, Managing Director, Kaspersky (APAC) said, “We are known for providing premium standard of security solutions and services in the cybersecurity industry. Receiving an independent and expert certification from such an esteemed body like TÜV AUSTRIA enhances our work further in protecting the most critical Industrial sector. IEC62443 audit confirms that our products match the international standards, thus helping us gain more credibility and reliability from the industry for our solutions and services. As Industrial and critical infrastructures continue to grow in the APAC regions and across the globe, it become more and more important for us to dedicate our services and efforts in securing the sector by innovating solutions that can provide highest quality standards.”