DNV boosts cyber security business

DNV has developed what it claims is one of Europe’s fastest growing cyber security businesses following the acquisition of Netherlands-based Applied Risk in 2021 and Finland’s Nixu in 2023. The merger brings together more than 500 cybersecurity experts to safeguard IT and industrial control systems across a range of industrial sectors.

The merged business will work with partners, customers, and the security community to develop industry best practices, DNV said. It will benefit from DNV’s longstanding commitment to reinvest 5% of revenue in research and development initiatives.

Remi Eriksen, group president and CEO of DNV, commented: “Cyber security is a defining risk for the coming decade. Cyber risks can have huge safety, reliability, environmental, and financial impacts and threaten the functioning of our societies. This merger combines Nixu’s broad portfolio of IT and managed cyber security services, Applied Risk’s leading position in securing industrial control systems, and DNV’s domain expertise in critical infrastructure industries. Together, we have created a business that delivers on all aspects of our customers’ cyber security needs and prepares us for significant future growth.”

Teemu Salmi, CEO of Nixu, has been appointed as head of the combined business, which will be called DNV Cyber from the middle of this year. It will operate from eleven countries, offering a portfolio of consulting and managed cyber security services. 

“We are on a united mission to become the most customer-centric cyber security services business in Europe,” Salmi declared. “Enabling this are the exceptional people who make up our business and deliver value to customers. This is the place where cyber security professionals will grow and make a difference. And it is where businesses across the world will seek the trustworthy technical expertise they need to enhance safety and resilience in an era of rising digital risk, geopolitical uncertainty, and tightening regulation.”

DNV and Nixu have also combined their management systems certification businesses, increasing the capacity to provide information security certification and training services. These include information security management systems certification (ISO/IEC 27001), national security assessments, CSA STAR cloud service certifications, payment card industry (PCI) security assessments, and healthcare information system security assessments.

Article Editorial staff Ship&Offshore
Article Editorial staff Ship&Offshore