Press release, KONE Corporation, May 3, 2023
KONE Corporation, a global leader in the elevator and escalator industry, has gained the IEC 62443 cybersecurity certification for its DX class elevators, and ISO 27001 certification for its digital services, including KONE 24/7 Connected Services. These achievements are a first for the global elevator and escalator industry.
Johan Boije af Gennäs, Chief Information Security Officer, KONE, says: "We can see a need to enhance cybersecurity as digitalization increases throughout the industry and the built environment. Solid security practices provide peace of mind for our current and future customers because security is built-in rather than being considered as an afterthought. These certifications are important milestones and a measure of our continuous improvements in cybersecurity and encourage our cross-functional KONE teams to continue the hard work towards better security."
"Quality has always been high on the agenda at KONE, and cybersecurity is becoming an increasingly important part of today's world, where physical and digital are interconnected. We are proud to be the first in our industry to achieve these certificates for the elevator controller and our digital services, including KONE 24/7 Connected Services", says Maciej Kranz, Chief Technology Officer, KONE.
To achieve the certifications, KONE underwent
rigorous independent audits conducted by third-party certification
bodies. The audits evaluated the company's cybersecurity and
information security controls and processes, including policies,
procedures, technical controls and
requirements.
The certifications also demonstrate
KONE's commitment throughout its secure development process,
including steps such as threat modeling, security testing, and
vulnerability management throughout the product lifecycle. KONE
also implements around-the-clock security monitoring for its
connected digital solutions. This also means that the DX class
elevator is aligned with the new ISO 8102-20 cybersecurity standard
for elevators, escalators and moving walkways, which KONE has been
involved in creating, alongside industry
peers.
KONE continues to explore and develop the digital possibilities and value created by its DX class elevators, with services such as KONE 24/7 Connected Services and KONE Care DX. By working towards better standards in the industry and continuously developing its own capabilities, the company seeks to help customers build better people flow and more sustainable cities.
For further information, please
contact:
Gia Forsman-Härkönen, Senior Communications
Manager, KONE Corporation, tel. +358 50 324 30 78,
media@kone.com
Read more
Read more about KONE DX Class
elevators
For images and videos, visit KONE's Material
Bank
Previous press releases are available
at https://www.kone.com/en/news-and-insights/releases/ including:
January 21, 2021: KONE announces an
open competition to connect almost anything to an
elevator
May 7, 2020: KONE DX Class elevators win four prestigious
Red Dot Design Awards
November 29, 2019: KONE DX Class elevators take the industry
into a new era - the world's first elevator series with built-in
digital connectivity as standard
About
KONE
At KONE,
our mission is to improve the flow of urban life. As a global
leader in the elevator and escalator industry, KONE provides
elevators, escalators and automatic building doors, as well as
solutions for maintenance and modernization to add value to
buildings throughout their life cycle. Through more effective
People Flow®, we make people's journeys safe, convenient and
reliable, in taller, smarter buildings. In 2022 KONE had annual
sales of EUR 10,9 billion, and at the end of the year over 60,000
employees. KONE class B shares are listed on the Nasdaq Helsinki
Ltd. in Finland. www.kone.com
More information about the International
Standards and certification:
ISO 27001 is a management system standard for
information security, cybersecurity, and privacy protection. It is
a best practice framework to ensure a systematic and risk-based
approach to security management. This is especially crucial for
customers in the transportation, airports, and utility segments,
where security is a critical requirement when choosing a partner to
work with.
The International Standard IEC 62443-4-1 defines secure development lifecycle requirements related to cybersecurity for products intended for use in the industrial automation and control systems (IACS). These requirements can be applied to new or existing processes for developing, maintaining, and retiring hardware, software, or firmware.
The International Standard IEC 62443-4-2 defines detailed technical requirements for industrial control system components. The requirements are organized as seven foundational requirements, and each component requirement can be specified at up to four security levels.