Testing & verification

Minimise the risk of a cyber incident by employing systematic testing services, including ethical hacking, to identify and help prioritize and mitigate cyber security gaps in your people, processes and technologies.

Meet and exceed compliance requirements for projects and operations through proactive and systematic testing and verification of critical infrastructure.

Build confidence through independent verification that your systems, products, and components are secure by achieving compliance with specific standards, regulation or client requirements.

Identify and fix potential breach points in your operational technology (OT) or IT environments that may lead to a cyber incident as a result of human error or third-party attack, and demonstrate to stakeholders that your projects and operations are safe and secure.

Knowledge to build a powerful force of defence

DNV’s structured approach to cyber security testing and verification provides organizations with peace of mind that their systems and products are secure and aligned to best practices.

Our team of cyber experts identifies weaknesses in OT and IT systems and networks via ethical hacking (penetration testing), using the same tools and techniques employed by malicious hackers to test the integrity and security levels of networks.

Drawing on our extensive background and expertise in testing and verification in the maritime, renewables, electricity infrastructure and distribution, and manufacturing industries, we evaluate products, components, systems and networks against national and international industry standards and regulations, DNV Class rules and company requirements. In addition, we advise on which standards, regulation or requirements to apply or mandate, and how to interpret applicable standards (such as IEC 62443) across specific industries, asset types and components.

Our testing & verification services

From technical misconfigurations, insecure password protocols, poor internal awareness or lack of network segregation, we test and verify the security of relevant people, processes and technology from the ground up, including:

• Cyber security verification
  Reduce the likelihood and consequences of cyber attacks through independent and in-depth assessments of your critical infrastructure against industry best practice, selected standards, and DNV recommended practices.
• Penetration testing
  Put the integrity and security of your OT and IT environments to the test through ethical hacking to identify and address vulnerabilities and exploitable breaches.
• Product evaluations
  Gain knowledge of your compliance status, or what you need to do to achieve compliance with relevant standards, regulation and/or requirements, such as IEC 62443, ISO 27001/27002/27031, or the NIST 800-series.
• Cyber security incident preparedness
  Prepare your organization to tackle incidents before they occur through proactive planning, training and testing of cyber security incident management processes.
• Maritime cyber secure class notation
  Demonstrate cyber security capabilities and IMO compliance with DNV Cyber secure class notation. The class notation has been developed to address the cyber security of a vessel’s main functions and the owner’s operational needs. It establishes recognized requirements for vessels and offshore units in operation and newbuilds across different segments and security levels. Find out more

Why work with DNV?

Underpinned by in-depth industrial control system knowledge and a systematic approach, DNV’s independent testing and verification services are trusted by companies across the world to ensure and improve the cyber security properties of critical assets and systems.