By Emma Lundberg
In today’s digitized society, fiber and utilities such as electricity, water, heating and gas are documented in software systems. This allows telecom and utility owners to have control of the delivery of these modern conveniences, ones that most of us take for granted. With the increased digitalization, there is inevitably also the threat of cyber attacks. These threats apply to all businesses, regardless of size or industry. Failure to have adequate security measures can lead to serious consequences. This includes business disruptions, financial losses, damaged reputation, and in some cases, legal penalties.
For critical infrastructure, which is what Digpro’s customers deliver every day, data not correctly handled could have devastating consequences. Therefore, Digpro has now gained an ISO 27001 certificate, to ensure that data is managed according to this standard.
ISO 27001 – a standard helping organizations to secure their assets
ISO 27001 is an international standard which adheres to managing information security. The standard originates from the International Organization for Standardization (ISO). It details requirements for establishing, implementing, maintaining and continually improving an Information Security Management System (ISMS), aiming to help organizations make the information assets they hold secure.
Security on the agenda
At Digpro, security has always been of utmost importance, both regarding technical and human factors. We have long since worked according to the standard ISO 27001, this to ensure both our customers and ourselves that data is worth protecting. To pursue an ISO 27001 certification was a natural step, let alone to meet the (rightfully) demanding needs of the NIS2 directive.
The ISO 27001 certification means:
- Structure in our systematic information security work
- Support for document classification
- Guidelines on how different documentation classes should be handled during transactions
- Training in security awareness for all employees
- Security routines at the Digpro office
Above all, our existing routines are documented and scrutinized by the ISO. And I could not be happier about how everyone at Digpro has embraced the work we put in to get the certification – that is what we call “The Digpro way”.
Data integrity versus data availability
A constant balance as regards security is the balance of data integrity and data availability. Our solutions include mobility, so that field engineers can access network information whilst in the field. As this reduces the risk of hardcopies going astray, it is also a concern for many companies that data leaves the office. We can now prove that the routines for this are safely handled. And our customers can truly trust the transparency and reliability.
A secure future
The ISO 27001 certification is proof that we are keeping up with the times. We are proactive in our security work, both externally and internally, thus providing reliability for both us and our customers.
Through our ISMS, we have gained a tool for:
- Systematic security improving work
- Support (should a crisis arise)
- Incident management
- Risk assessments
- Onboarding processes
Above all, together with our customers, we are preventing and mitigating potential problems. And frankly, I cannot see how we could better prepare for a continuous trusting relationship with our customers, as well as the NIS2 directive.
Meet the expert
Emma Lundberg is Chief of Security Officer (CISO), as well as Head of R&D, and Sustainability Coordinator, at Digpro, where she worked since 2009. She holds a Master of Science in Geodesy and GIS from the Royal Institute of Technology (KTH) in Stockholm. With a background as a technical surveyor, she has also worked with support, customer responsibility, and map data.