Digitalisation presents industry with new kinds of safety challenges: networked systems and intelligent solutions demand stronger protection than ever before. Cybersecurity is no longer merely a technical support function but a legislatively mandated part of business continuity and a culture of safety.
As industrial systems open to the outside world, operational safety and cybersecurity become closely intertwined. Their cooperation determines how reliably and seamlessly digital and physical solutions function.
The evolving role of cybersecurity
In recent years, the development of cybersecurity has become more systematic and planned.
Industrial digital solutions require protection, and safety is directly linked to business continuity and the uninterrupted functioning of production processes. Digitalisation challenges traditional approaches to safety in industry, as in previously closed factory environments, cybersecurity did not need to be considered so broadly.
“Long system lifespans and digitalisation bring both new opportunities and threats, especially if systems are based on legacy technology. In industry, operational safety and cybersecurity now go hand in hand, building comprehensive protection,” says Tarmo Kellomäki, Head of Cybersecurity at Gofore.
In digitalised physical products, cybersecurity and operational safety are closely connected. Operational safety ensures that a system functions safely even in fault situations, while cybersecurity protects it from attacks and unauthorised use.
In networked systems, these perspectives overlap: a cyberattack can paralyse the device’s operational safety protection, which in the worst case can cause physical harm to people and the environment. For this reason, safety must be designed as a whole, combining risk analyses, processes and requirements already at the development stage. An integrated approach ensures that systems are both safe and secure throughout their entire lifecycle.
EU-level legislation, such as the Cyber Resilience Act and the NIS2 Directive, obliges and guides the development of cybersecurity in a significant way. Cybersecurity is a required element in all digital solutions. Success in Europe and business continuity demand investments in cybersecurity and compliance. Those who act proactively enhance their credibility and reliability.
When artificial intelligence and its potential use in hostile cyber activities are added to the mix, the requirements for cybersecurity rise even further. Cybersecurity must therefore be considered at all levels of an organisation, with responsibilities allocated to different roles: “Every organisation becomes a security organisation,” says Kellomäki.
Hackathons strengthening industry safety
Hackathon-type events play an important role in highlighting cybersecurity and strengthening a culture of safety. Hackathons enable new kinds of experimentation with emerging technologies and the sharing of lessons across sectors.
Gofore’s cybersecurity team participated in Kempower’s Hack Day event in November, where the security of Kempower’s electric vehicle charging solutions was put to the test by 50 ethical hackers.
“At Kempower’s Hack Day, we had a great opportunity to combine Gofore’s and Huld’s cybersecurity expertise. The findings from the day will help support the cybersecurity and compliance of Kempower’s products,” says Kellomäki.
“Hack Day brings together Finland’s best cybersecurity experts and Kempower’s teams to develop together. This cooperation accelerates product development and ensures that we can respond to changing market needs. Hack Day helps us anticipate vulnerabilities and develop solutions that support Kempower’s position as a leader in the field,” says Tero Vuori, Kempower’s Head of Cyber Security.