Valmet developed a certified information security management system in collaboration with Insta

About Valmet

Valmet is the leading global developer and supplier of technologies, automation and services for the pulp, paper and energy industries. Valmet’s automation solutions are designed to maximize the profitability of Valmet’s customers’ businesses by improving production performance and cost, energy and material efficiency. The worldwide network of experts supports Valmet’s extensive range of automation solutions and services. Valmet has also established a position in other process industries and marine industry

Valmet Automation Business Line acts in multiple roles in industrial automation and control systems. As a product supplier, Valmet develops the Valmet DNA automation platform and other control system products. As a system integrator, Valmet delivers automation solutions to asset owners. As a service provider, Valmet takes care of the delivered automation solutions throughout their entire life cycle.

The challenge of securing the entire supply chain

Valmet Automation Business Line has been developing their cyber security capabilities systematically for decades. Unlike many other organizations, which select a small critical subset of their operations to be certified, Valmet set a more ambitious goal to define, create and implement a holistic information security management system with the scope of including the whole customer supply chain from R&D to sales, delivery projects and lifecycle services. The Valmet ecosystem also includes partners, who also play an important role in information security. Valmet’s customers appreciate and expect comprehensive management of cyber security, taking into account technology, people and processes.

New information security management system

Valmet’s cyber security experts and Insta’s security advisors developed an information security management system to cover the entire customer delivery supply chain. The team paid special attention to training the staff and increasing the personnel’s awareness of cyber security, and to tools which make it easy to apply and follow the information security management system. Thanks to the tooling, it's easy for the members of the organization to manage information security in practice. The visibility given by the tools also helps with continuous maintenance and improvement of the information security management system.

Valmet was granted a ISO/IEC 27001 certificate for their information security management system in August 2020. Please find Valmet’s certificate at this link: https://baproddnvglbcvecert-frontend.azurefd.net/certificate/v0/10000359075-MSC-UKAS-FIN

Benefits

We developed a new information security management system together with Insta. The development, adoption and ISO 27001 certification of the system was a huge success. The system was built to be extremely practical and we managed to integrate it very well to the organization’s existing ways of working. Thanks to this project, the awareness and know-how of cyber security have risen to a higher level throughout the organization. It is my pleasure to recommend Insta’s cyber security expert services to other organizations. - Markku Tyynelä, Security Manager,Valmet Automation Business Line

The benefits of an information security management system include:

• A credible information security management system builds customer confidence and is a selling point

• Being able to show ISO27001 alignment or ISO27001 certification is an internationally recognized way of communicating about properly managed information security

• With a risk-based approach to information security, company can prioritize and concentrate on the most relevant risks and seize opportunities

• Less security related problems often means savings of money and resources

• Operations are smoother when responsibilities and processes are clearly defined

• To increase information security awareness across the company