The information security efforts of the defence industry usually focus on two different factors:
- ensuring security against (industrial) cyber espionage by foreign governments
- ensuring compliance in a constantly more stringent regulatory environment (cf. The Finnish National security auditing criteria Katakri, NATO requirements).
There are several ways we have helped our customers address these factors, including the development of secure networks compliant with the level II requirements of Katakri and by providing security snapshots based on centralised log management. We have helped our customers in achieving Katakri compliance by providing advice and by helping to test and improve the security of their systems and software products. Correspondingly, we have participated in the security management of subcontractor chains.
Our range of consultation services for cyber security software developers is also extensive, and includes the development of security-critical components. We also coach and spar with our development team in the use of secure software development methods.
Nixu's offices are designed so that we can carry out projects which require the TLL 3 level of confidentiality (Finnish Government standard). If necessary, project materials are processed in isolated information systems and with additional access management protocols in place.