The world is becoming more and more connected, and the Internet of Things (IoT) products that bring people and information together are growing exponentially in new product segments and end markets. Yet, with connectivity comes risk. Cyber threats are a top concern for consumer and commercial network-connected products, medical devices, and industrial equipment makers.

Regardless of your product, CSA Group will work closely with you to test or evaluate your product or documentation against standards and other regulatory requirements to help you meet customer expectations. Our cybersecurity offerings include:

• Gap Analysis and System Evaluation
  Using industry-accepted standards and frameworks, we will help pinpoint cybersecurity weaknesses in products, systems, or processes and identify areas for improvement. Capabilities include assessing your organization’s software development lifecycle, individual products, and systems integrated into operational architectures (or associated services).
• Risk Assessment and System Security and Penetration Testing
  We conduct user or functional product testing against the Common Weakness Enumeration (CWE) and Common Vulnerability Enumeration (CVE) databases and assess resilience against known and unknown cyber-attacks to validate your organization’s security assurance claims.
• Custom Training Workshops
  Customizable training workshops provide practical solutions for beginning or expanding your organization’s security assurance know-how.

Trusted testing expertise
Rely on a dedicated and ISO 17025 audited cybersecurity test laboratory adept at performing comprehensive Black Box, Gray Box, or White Box Penetration Testing for your connected devices.

Testing and assessment against key standards: We can evaluate your product and software development resilience against key security industry standards and guidelines, including but not limited to:

• ISA/IEC 62443 series
• ISO 27001
• ANSI/CAN/UL 2900 series
• ETSI EN 303 645
• UL 5500

Our experts are specifically trained and knowledgeable in cybersecurity practices, possessing relevant cybersecurity education and certification, including Bachelor’s and Master’s degrees and ISSP, CISM, CISA, GICSP, and CEH. They stay up to date on the most recent developments in the cybersecurity arena by attending numerous industry conferences.

Gap analysis and organizational review
Our team has certified cybersecurity professionals who can review your processes and provide insights as to your organizational maturity using BSIMM, the NIST Cybersecurity Framework, as well as the U.S. Food and Drug Administration (FDA) Guidance for medical devices.

Reliable and broad product testing experience
We test a variety of connected products and systems, including medical devices, smart consumer products, industrial systems, automation solutions, control panels, and more.

Fortified security with customized training
Boost your in-house cybersecurity competencies with custom training workshops that offer detailed reviews of key standards and other critical cybersecurity topics.