May 22, 2019

Siemens and TÜV SÜD have come together to address the growing risk of cyberattacks on critical infrastructure by collaborating to provide digital safety and security assessments, as well as industrial vulnerability assessments to help global energy customers identify asset risk and cybersecurity solutions. 

Under this partnership, TÜV SÜD will offer digital assessments that incorporate Siemens as a provider of cybersecurity vulnerability assessments across the entire cyber asset management lifecycle.  The digital assessments of industrial control systems in both the oil and gas and power generation sectors (nuclear applications excluded) will be vendor-agnostic, meaning they will not be limited to customers using products and technologies manufactured and supplied by Siemens.

Critical infrastructure in the energy sector continues to be a primary target for hackers. This new risk environment, with a record number of near-miss safety events at plants around the world, poses significant potential for damage to the health and safety of people, processes, plants and products. Cyber threats to the environment, finance and supply chains jeopardize the entire global economy.  In this IoT-driven (Internet of Things) environment, where energy systems are increasingly connected, supplying data consolidation, visualization and evaluation, there is a heightened need for high-level trust and confidence in digital safety and security.

This is particularly relevant as cyberattacks are being executed more frequently, with higher level of sophistication, and at a lower cost.  Increased connectivity magnifies the threat surface in energy systems.  From Shamoon to Industroyer, to WannaCry, the need for a holistic cybersecurity solution should incorporate resiliency, hygiene and security by design.

“Leveraging TÜV SÜD’s expertise in safety and Siemens’s strength in digital security, redefines how energy companies will manage their growing physical and digital safety and security challenges,” said John Tesoro, President and CEO of TÜV SÜD North America. “TÜV SÜD has a long history of driving innovation, and is now at the forefront of cybersecurity testing, inspection and certification.  TÜV SÜD’s role is consistent with the need for developing mandatory, independent third-party certification for critical infrastructure and solutions,” added Tesoro.

“This is about reducing risk,” says Leo Simonovich, Vice President and Global Head for Industrial Cyber and Digital Security at Siemens. “Together, we will redefine an approach that will lead to reduction in the growing risks in the digital world, reducing risk in the physical world as well.  Combining safety and security to address the human element – and strengthen trust – will provide an unprecedented view into risk,” says Simonovich.

In addition to this activity, both companies are also driving the Charter of Trust. As members of this global cybersecurity initiative, both Siemens and TÜV SÜD are committed to ensuring the security of a digital world. With 16 members, the Charter of Trust calls for binding rules and standards to build trust in cybersecurity and further advance digitalization. The Charter delineates 10 action areas in cybersecurity where governments and businesses must both become active.

Source