Address threats to your projects and operations before hackers can exploit them by integrating best practices for handling risks, managing controls and barriers, and ensuring you are up to date and comply with the latest standards and regulations.


Understand risk in your operational technology (OT) and IT and infrastructure, build a powerful force of defence against cyber attacks, and win stakeholder support for your governance, risk and compliance strategies.

DNV combines specialist industry knowledge with engineering expertise and information system best practice to assess your critical infrastructure from every angle. We help you see your information and control systems clearly and completely, giving practical advice on the vulnerabilities and non-conformities you must address to stay confidently cyber secure.


Build cyber security resilience

Overcome gaps in your organization’s cyber security defences to ensure the resilience of your critical information systems, and boost confidence that your processes and procedures cover the latest threats and industry best practices.


Our governance, risk & compliance services

Our robust governance, risk and compliance services enable you to establish cyber security maturity across your organization, including:

  • OT and IT risk and maturity assessments
    Understand where your technology, processes and people are exposed, and the technical, administrative and physical controls you need to implement to reduce the likelihood and consequence of cyber attacks.
  • Standards gaps analysis and compliance
    Identify the cyber security standards and regional/national regulations that apply to your organization and industry, including IEC 62443 for OT systems, ISO 27001 ISMS for IT and the NIST framework. We support you to find the gaps before they are exploited.
  • Cyber security management
    Implement a fully documented risk management system with the support of our dedicated risk management tool and practical advice on the policies and procedures you need to stay cyber secure.
  • Control room security
    Identify and address critical security gaps in your control rooms and operations centres through our independent assessments of your cyber security exposure and advice on barriers to reduce the likelihood and consequences of cyber incidents.
  • Cloud deployment assessments
    Assess risk, ensure compliance and safely deploy business-critical assets to the cloud by adopting industry best practices for cloud security, including CIS Benchmarks, ISO 27005 and NIST.
  • Cyber security due diligence
    Verify that critical infrastructure and information systems meet relevant standards and regulation, and are compliant with best practices in people, technology and processes through our red flag assessments.
  • Supply chain audits
    Ensure that suppliers and vendors comply with your cyber security requirements. We audit cyber security across your entire supply chain to identify and eliminate the risk of third-party compromise.
  • Cyber security incident preparedness
    Prepare your organization to tackle incidents before they occur through proactive planning, training and testing of cyber security incident management processes.
  • Maritime cyber secure class notation
    Demonstrate cyber security capabilities and IMO compliance with DNV Cyber secure class notation. The class notation has been developed to address the cyber security of a vessel’s main functions and the owner’s operational needs. It establishes recognised requirements for vessels and offshore units in operation and newbuilds across different segments and security levels. Find out more

Why work with DNV?

As a leading independent expert in risk assessment and mitigation, DNV has the tools, methodology, competence and domain knowledge that you need to address the safety and security of your critical OT and IT infrastructure. Our services will allow you to establish and implement transparent and trustworthy cyber security policies, and provide the evidence, assurance and certification needed to overcome challenges with resourcing and budgeting programmes or the communication of cyber security procedures within your organization.

Our cyber security services

 

Strategy & programme

Develop effective cyber security strategies and programmes, even when you face tight deadlines

 

Testing & verification

Test and verify the resilience of systems, networks and components, and access practical, unbiased advice to enable you to prioritize mitigation of vulnerabilities

 

Safety & security risk management

Ensure security and safety in the design of new and existing projects

 

Governance, risk & compliance

Implement robust governance, risk and compliance

 

Detection, response & investigation

Respond and recover effectively from cyber attacks

 

Insights & training

Ensure that you have the right insights and training in place to build awareness across the full lifecycle of your operations

Learn more

 

Cyber maturity assessment