ICS Cybersecurity a growing challenge

The growing prevalence of standardized hardware and software now being used in heavily networked automation and control infrastructures has led to a rapidly increasing potential for cyber threats and risks. Few years ago, no internationally valid standards existed for IT security certification of Industrial Automation and Control Systems (IACS). The IEC 62443 family of standards now provides a basis for such cyber security certification.

CertX represents the first Swiss Accredited Certification Body offering IACS cyber security certifications according to IEC 62443.

Think like a hacker

Our certification programs have been developed by cybersecurity specialist, initially trained to perform penetration tests and support secure system/infrastructure development. Based on that strong cybersecurity knowledge developed through several hacking competitions (CTFs and Online challenges), our cybersecurity department can help you to anticipate potential future risks thanks to this offensive spirit that we cultivate.

A wide vision of the cybersecurity

Based on our desire to increase our knowledge in many areas, our cybersecurity department keeps updated, follows and participates in the development of future cybersecurity standards in several domains such as IoT, Energy, Drones, Automotive, Railway…

Services

Cybersecurity trainings

  • Introduction to cybersecurity (General IT, IoT, good practices)
  • Introduction to ICS cybersecurity
  • IEC-62443 in a nutshell (standards overview, CSMS, Risk Analysis, IACS Zones & Conduits, Security Levels)
  • IEC-62443 in depth (Cybersecurity programs, IACS forensics, practical cases, Interactive discussion)
  • Cybersecurity for companies (ISO-27001, Swiss RGPD)
  • In the future: Other standards (IoT, Drones, Automotive, Railway…)

IEC-62443 certifications

  • Certification for system integrators
    (62443-2-4 and 62443-3-3)
  • Certification for manufacturers
    (62443-4-1 and 62443-3-3)
  • Certification for products
  • In the future, Certification for personnel

Step-by-step Approach for certification

  1. Certification Scope Definition and Documentation Request
  2. Level-1 of Assessment: Documentation Analysis
  3.   Audit Preparation:
    1.   CertX define the audit plan
    2.   CertX mandate the external consultant (called X)
  4. On-site Audit Realization:
    1.   X conducts the audit following the audit plan
    2.   X collects the audit results and provide them to CertX
  5. Level-2 of Assessment: On-site Audit results Analysis
  6. Overall results completion and certification award

Contact

Kilian Marty
Head of the Cybersecurity department
kilian.marty@certx.com
T +41 26 309 29 94

CertX AG
Rte de l'Ancienne Papeterie 106
1723 Marly
Switzerland
T +41 26 309 29 99
View on Google Maps