Siemens Energy meets UK’s cybersecurity requirements across 12 sites


Energy technology company Siemens Energy has been awarded the Cyber Essentials Plus (CE+) cybersecurity certification by ECSC, an independent certifying body for the UK’s Cyber Essentials programme.

Introduced by the UK Government’s National Cyber Security Centre (NCSC), the Cyber Essentials Plus (CE+) certification aims to ensure that the digital frameworks and critical infrastructure of companies operating in the UK are resilient to a wide range of cyberattacks.

The certification proves the resiliency against cyberattacks of some 12 Siemens Energy sites in Great Britain and Ireland.

ECSC assessed Siemens Energy’s various cybersecurity policies and procedures including:

  • Boundary firewalls
  • Secure asset configuration
  • Patch management
  • User access controls
  • Malware protection
  • Mobile assets  

Have you read?
Hacking smart meters – a defence warning
Cloud ‘data exposure’ at North American energy supplier
National Grid Partners expands investment in energy and tech startups
DOE launches cybersecurity plan as Biden welcomes Chinese-made equipment

In total, around 5,500 digital assets were in scope of the evaluation. Siemens Energy will renew the certification every 12 months.

Steve Scrimshaw, vice president, Siemens Energy UK&I, said: “Cyberattacks are a daily risk in today’s world and these attacks are also becoming more sophisticated. The Cyber Essentials Plus certification demonstrates that we have robust procedures and protections in place as well as showing our customers and other interested parties that we take the security of their information seriously and have taken the necessary steps to reduce cyber threats. However, we see this as the starting point and will continue to evolve and improve our processes and procedures.”

Judith Wunschik, global chief cybersecurity officer at Siemens Energy adds: “Cyber Essentials Plus is a great achievement for our company and recognises our hard work for industry-leading cybersecurity standards.”