INDUSTRY NEWS: AZZO Achieves ISO 27001 Certification

CybersecurityCorporateEnergyX
Written By Dan Wall

As cybersecurity risks continue to grow around the world, we are pleased to announce that AZZO has achieved certification for the ISO 27001 cybersecurity standard. This represents an important milestone in our ongoing journey to deliver secure, best-in-class power & energy management systems.

Our customers have relied on us to provide secure power & energy management systems for over 15 years. During that time, we’ve seen distinct trends in 3 key areas:

  • a focus on renewable DERs and electrification of facilities to decrease carbon emissions

  • a greater desire for power automation and digitization to increase safety & efficiency

  • an architectural shift from on-premise to IoT platforms.

Together, these changes have significantly expanded the perimeter of cybersecurity threats. Having noticed these trends years earlier, we took action to build a core competency in Digital Systems, with cybersecurity at the core. This meant that we could design our solutions to stay far ahead of the emerging threat landscape. Certifying to ISO 27001 was a logical next step in our journey.

With IoT-based energy management systems, it is important to secure Information Technology (IT) assets as well as the Operational Technology (OT) assets. Securing each asset class protects different aspects of a system, as indicated in this diagram:

It is a mistake therefore, to think that the cybersecurity standard story is complete with ISO 27001 alone. Where ISO27001 focuses on security of IT, there is a complementary standard called IEC 62443 which focuses on securing OT. Both standards together cover the full domain of energy & power management systems security. Not only is AZZO certified for ISO 27001, but we also have deep expertise with a wide variety of devices and software systems that are certified to the IEC62443 standard. This means that we are able to offer true end-to-end protection of our customer’s information and operations.

Here is a diagram that indicates the general coverage of each standard. Notice the significant areas of overlap which indicate the shared domains and intersections of information flow that characterize IoT systems.

If you have any questions about the implications of IT and OT cybersecurity on your systems and what role standards can play, please contact us.

Dan Wall
Previous

INDUSTRY NEWS: AZZO At The 2022 IMPACT Awards
Next

ARTICLE: IOT Architecture for Power & Energy Management - On-Premise or SaaS?