Advisory and Consulting Services
We can help you specify, design, implement and deploy IT solutions from start to finish to support your organisation’s strategy.
The information security certificate gave Aidon a competitive advantage in customer acquisition and more structure for internal processes
Aidon, a supplier of smart grid and electricity metering solutions, puts the data accumulated from distribution networks to use in its business operations, for example, to help build automation. With the help of Telia Cygate, Aidon, which operates across the Nordic countries, has obtained the ISO 27001 information security certificate, which has helped streamline the company's internal information security management and increase its credibility in the market.
An increasing portion of electricity distribution networks are connected to telecommunications networks, generating massive amounts of data. With the development of smart solutions, the importance of information security within the industry has increased.
"Electricity distribution is an integral part of a society’s infrastructure and an object of interest to cybercriminals. A successful attack on a distribution network could have catastrophic consequences: in 2016, for example, criminals managed to cut power to the Ukrainian capital of Kiev in the middle of winter, in sub-zero temperatures," explains Harri Valkonen, Product Development Manager at Aidon. "In addition, distribution network companies have massive amounts of personal data that must not fall into the wrong hands. The information security of electricity networks must therefore be protected at all costs."
According to Valkonen, Aidon has always been highly committed to information security, and not only because of the strict industry regulations. However, they did not yet have the ISO 27001 information security management system certificate, which has been highly regarded among customers in the recent years. In addition, the certificate had appeared on the wish lists of potential customers in several tendering competitions.
What is the ISO 27001 certificate?
• An information security management system certificate issued by the globally operating standardization organisation ISO.
• Covers the information security of the entire company, from management to technical solutions.
• Requires an annual independent audit.
• Renewed every three years.
Comprehensive information security with the help of a partner
Aidon determined that having the ISO 27001 certificate would be important for the continuity of its business and asked Telia Cygate for assistance in obtaining the certificate. "Telia Cygate first drew a current situation analysis for us, and based on those results, we began to address the shortcomings of our information security management system together," Valkonen says.
According to Valkonen, the areas of improvement were mostly related to the company's administrative security, such as the guidelines related to vulnerability management and monitoring. Executing the corrective measures took about a year, and after that, Aidon was granted the ISO 27001 certificate as a result of an audit in the autumn of 2020.
The certificate benefits both internal operations and customer work
"We have received a lot of positive feedback from our customers about the certificate, and participating in tendering competitions is now easier than before, since we no longer need to prove our expertise in information security – the certificate is evidence enough," Valkonen says of the benefits of the certificate. "The certification process has also significantly improved our internal operations. Information security awareness in our company is now better than before, and the quality of system control has improved."
Valkonen is pleased with the collaboration with Telia Cygate's information security experts. "The next time we need consultation in information security, I'll know who to turn to," he concludes.