Nemko's new cyber security certification gives Datek competitive edge

With the exponential growth of the Internet of Things (IoT), the vulnerability of billions of IoT devices to cyber attacks is increasing. Nemko has now launched a cyber security certification service based on the new European standard “Cyber Security for Consumer Internet of Things”.

Large corporations have already suffered the consequences of hacks, with intruders gaining entry to core financial systems and credit card data. Open backdoors have been found in poorly secured ‘minor’ IoT devices, such as air-conditioning units, printers and even the thermometer of a lobby aquarium.

Manufacturers of IoT devices have in recent years had vague cyber security regulations to follow. They have seen an increasing number of different customer requirements and an array of guidelines from dozens of third parties. A standardised set of requirements has been a pressing need.  

Nemko’s new IoT cyber security certification is based on the European standard (ETSI/EN 303 645), which was published in June this year.

 

Nemko’s customers can now achieve an overall certification to demonstrate compliance with a common European cyber security standard. This simplifies the process and provides the proof and documentation they need towards the market and their customers.

Per Ove Øyberg, CEO, Nemko 

 

Read more about the EU cyber security certification framework

 

Certifications make it possible to simplify trade by having a common and defined set of requirements, demonstrate security to customers and ensure regulatory compliance. They make products safer by finding vulnerabilities in the product design, such as a hardcoded password, ports that are unnecessarily left open, radio transmissions that give information to a possible outside listener or a lack of secure solutions for closing future vulnerabilities.

The first customer to achieve the new cyber security certification is the Norwegian IoT manufacturer Datek, one of Norway’s leading providers of IoT products and solutions. Datek delivers solutions to private companies and the public sector both in Norway and internationally.

 

We’re very satisfied with this project and the cooperation with Nemko. We believe the new certification scheme will lift the quality of the products and increase consumer trust in connected devices.

Espen Westgaard, CTO, Datek

 

In the initial project, Nemko evaluated a Datek gateway for smart houses. Early input from Datek was important for determining the best work processes and methodology for the assessment, using a standard with a common and defined security level. Nemko performed evaluation of the product design and solutions, and the testing was done on Datek premises.

Cyber security certification pilot project between Nemko and Datek

 
 
 
Nemko's Geir Hørthe hands over the first cyber security certificate to Datek's CTO Espen Westgaard after a successful pilot project. 
 
 
 
 
 
As future changes to the product can affect the security and trigger a new evaluation, Datek will also take advantage of Nemko’s solution enabling assessment of minor updates in-house, with an audited quality assurance system. This allows Datek to control long-term costs while maintaining a secure position.
 
 
 
 
 
Written by Geir Hørthe
Geir Hørthe is responsible for the Nemko cyber security initiative. He has worked at Nemko for more than 30 years, in the capacity of test services, lab manager of safety, ATEX and medical departments. Geir was also for two years, Managing Director at the Nemko office in London. After he returned to Norway, he held for many years the position as Certification Manager at Nemko HQ with responsibilities for electrical product certifications, for national and international certification.

Newsletter