TÜV SÜD Akademie GmbH
Booth number: 5469-7
www.tuvsud.com/
About us
TÜV SÜD supports organizations with independent cybersecurity testing, certification and advisory services across regulated industries.
Cybersecurity testing, cybersecurity certification, regulatory compliance, product security, critical infrastructure security, OT and industrial security, cloud security, vehicle cybersecurity, AI, risk management, ISO 27001, UNECE R155/R156, NIS2, Cyber Resilience Act.
Address
Westendstraße 160
80339 München
Germany
E-mail: info@tuvsud.com
Phone: +49 170 2025727
Internet: www.tuvsud.com/
401 Edgewater Place Suite 500
MA 01880 Wakefield
United States
E-mail: info@tuvsud.com
Phone: +1 978 5732500
Internet: www.tuvsud.com/en-us
10 Woodbridge Center Drive
Suite #700
NJ 07095 Woodbridge
United States
E-mail: info@tuvsud.com
Phone: +1 732 8274400
Internet: www.tuvsud.com/en/services/technical-advisory/global-risk-consultants
Contact person:
Sudhir Ethiraj
Global Head of Cybersecurity Office (CSO) & CEO Business Unit Cybersecurity Services
E-mail: sudhir.ethiraj@tuvsud.com
Products & Services
As an independent third-party testing and certification organization, the TÜV SÜD team have expertise in data regulations and product cybersecurity in specific markets, as well as a deep understanding in the field of cyber threats. The TÜV SÜD team of experts cooperate with customers around the world to fully realize their digital operations.
Data protection assessment service
• EU-General Data Protection Regulation (GDPR) Compliance Service
• Personal Information Protection Law (PIPL) Compliance Service
• Supply Chain Information Security Audit
• Data Protection Impact Assessment (DPIA)
• Cyber Security Law (CN-CSL) compliance services
• Data Security Law (CN-DSL) Data exit security assessment
• External Data Protection Officer Service/ Data Protection Coordinator
• Service Organisation Control (SOC) Reporting Service
Testing
• Web & Application Penetration testing (OWASP/CWE)
• Consumer IoT Products Penetration testing (OWASP)
• Medical Devices Penetration Testing
• IoV (Internet of Vehicle) Penetration Testing
• Infrastructure Penetration Testing
• Mobile Application Security Analysis
• End Point Security Analysis
• Simulated Phishing Email Attack Service
• Industrial Control Equipment Penetration Testing
• Intelligence Lift System Penetration Testing
• Battery Energy Storage System Penetration Testing
Automotive cybersecurity
• Automotive cybersecurity management system assessment (CSMS certification and ISO/SAE 21434 process and product certification)
Railway applications cybersecurity
• Provide IEC 62443 and TS 50701 assessment for asset owners, service providers, and product integrators (including Signaling and Rolling Stock)
Consumer IoT products market access
For the consumer IoT products market, some countries have issued relevant mandatory laws and regulations on cybersecurity, and some regulations have been included as part of mandatory certification. TÜV SÜD provides customers with the following cybersecurity compliance services in regional markets such as:
• Brazil cybersecurity assessment
• India cybersecurity assessment
• Japanese market access certification
• Singapore market access certification
• UK market access assessment
• EU market access assessment
• North America cybersecurity assessment
• Latin America cybersecurity assessment
Industrial cybersecurity
• Industrial communication networks security: IEC 62443
• Smart Industry Readiness Index Assessment
• Risk assessment based on machinery regulation
• Energy smart appliances –Demand side response operation – Code of practice
• Distributed Energy Resources – Cyber Security Connection Guidance Training and Assessment
• Industrial cyber security training, gap analysis
• Cybersecurity Assessment Related to the Functional Safety Lifecycle
EU General Data Protection Regulation (GDPR) Compliance Assistance
TÜV SÜD recommends that organizations identify processes falling under the scope of the GDPR, and that they conduct initial checks by aligning existing processes with the new requirements. As the EU GDPR has already come into effect, it is high time to complete the implementation of compliant processes and systems.
A leading expert on regulatory frameworks and process optimization, TÜV SÜD supports businesses in the process of becoming GDPR compliant.
ISO/SAE 21434 and IEC 62443 certification
Cybersecurity for safety components is becoming increasingly critical as industries evolve with greater connectivity and automation. In today’s world, the risk of cyber-attacks has intensified. The convergence of information technology (IT) and operational technology (OT) creates new vulnerabilities and makes safety components more susceptible to cyber threats. From automotive systems to industrial automation, ensuring cybersecurity is essential for protecting both the functionality and safety of these systems.
Standards such as ISO/SAE 21434 for automotive cybersecurity and IEC 62443 for industrial automation have emerged in response to these threats. They are becoming benchmarks for demonstrating commitment to cybersecurity and enhancing trust among stakeholders. TÜV SÜD cybersecurity services for ISO/SAE 21434 and IEC 62443 certification can help you show compliance and safeguard your systems and safety components.
IT penetration testing
Penetration testing (pen testing) is a simulated real-world hacker attack against an organisation’s IT infrastructure, internal/external processes, or application. It identifies vulnerabilities which are exploited and is used to implement or improve cyber-attack prevention strategies.
TÜV SÜD is a global leader in IT and cyber security and data protection. We are your trusted partner for advanced IT penetration and security testing. Our commitment to excellence and our extensive experience ensure that you are always a step ahead of potential security breaches and are able to strengthen your resilience to cyberattacks.
NIS-2 Compliance services
NIS-2 is an update of the European Union’s Network and Information Security (NIS) Directive to enhance cybersecurity and resilience across organisations in the EU. The NIS-2 Directive came into effect in January 2023, with the official deadline for transposition into national law set for 17 October 2024, and most of the requirements already being enforced among the majority of EU member states.
NIS-2 compliance is crucial for organisations active within the European Union (EU). By adhering to NIS-2, businesses can effectively identify and mitigate cybersecurity risks, reducing the chances of operational disruptions caused by cyber incidents and avoiding significant fines or reputational damage.
Customers and clients are increasingly aware of cybersecurity vulnerabilities that can affect network and information systems along their entire supply chain. Achieving NIS-2 compliance not only builds trust and confidence but also provides a competitive edge, reassuring them that their data and information are secure when partnering with your organisation.
TÜV SÜD’s NIS-2 services not only safeguard your business against cyber threats, they also position you as a reliable and secure partner, enhancing your reputation and fostering long-term growth and sustainability. With our support, you ensure continuous protection and compliance, allowing your business to adapt to evolving cyber threats while maintaining a strong market position.