Cyber security – IEC 62443
IEC 62443 is an international series of standards that address cybersecurity for operational technology in automation and control systems. It provides a flexible framework for the resolution and mitigation of current and future security weaknesses in industrial automated and control systems (IACS). However, its focus is, in reality, much broader thanks to its more generally defined requirements for the cybersecurity of HW and SW. The requirements contained in 62443-4-1 and 62443-4-2 can thus be applied to practically any HW and SW for which cybersecurity is a significant factor.
This certificate is based on the IECEE certification scheme. One important aspect of this scheme is that the applicant for certification themselves selects the requirements by which they will be assessed and certified, giving applicants unprecedented options for customisation of the certification process. For Czech producers, implementation and certification according to these standards can bring prestige and a massive competitive advantage on foreign markets, as the certificates are recognised across practically the whole world.
IEC 62443 standards eligible for certification:
- IEC 62443-2-4
- Requirements for security programmes for providers of IACS services
- IEC 62443-3-3
- Requirements for system security and security level
- IEC 62443-4-1
- Life cycle requirements for the development of safe products
- IEC 62443-4-2
- Technical security requirements for IACS parts
In addition to the certification according to the IEC 62443 standards, we offer our clients the option of a so-called pre-assessment. This is a shortened form of evaluation based on the client’s previously specified requirements. Through the pre-assessment, clients can identify their strengths and weaknesses, detect any discrepancies, and find opportunities for improvement. This enables them to be better prepared for the actual certification.
Sales
Ing. Lenka Mariánková
Product Manager
Technical specialist
Ing. Michal Hager
Head of Cyber Security Department
Why choose EZÚ?
EZÚ is one of the few certification bodies in the world that participates in the legislative process
We have a team of top experts and our own cybernetic laboratory.
EZÚ collaborates with CESNET.
We are a state body with a long history and the status of a qualified, trustworthy certification authority
We place considerable emphasis on the independence and impartiality of our auditors and the quality of the resulting outputs
Reasons to get certification
- Mapping of the current state of cybersecurity and identification of suggestions for improvement.
- Ensuring of cybersecurity and it continuous improvement.
- Protection from major financial losses and damage to or destruction of assets.
- Process improvement and acceleration (especially for IT services).
- Effective use of finances to ensure cybersecurity.
- Security of individual components of IT infrastructure (down to the level of firmware and microprocessors).
- Security of the supply chain.