Brightsight expands services with SESIP certification body for the IoT market

Top Quote Brightsight, an SGS company, is now recognised by GlobalPlatform as a certification body to issue SESIP certification for IoT platforms and components, strengthening their position as the global leader in cybersecurity evaluations and certification services. End Quote
  • (1888PressRelease) November 01, 2024 - Brightsight, an SGS company, is proud to announce it is now recognized by GlobalPlatform as a Security Evaluation Standard for IoT Platforms (SESIP) certification body (CB) following accreditation from the Spanish national accreditation body (ENAC, ISO 17065 (nº: 220/C-PR490)).

    SESIP is an optimized security evaluation methodology for IoT platforms and components. Recently adopted by CEN and CENELEC as European standard EN 17927:2023, it is the cornerstone of EU cybersecurity legislation. Based on the Common Criteria standard (ISO 15408), it is specifically tailored for the IoT market and offers key advantages such as re-usability, composition and mapping with IoT vertical standards.

    The ability to provide this certification service further strengthens Brightsight’s position as the world’s leading cybersecurity laboratory, with a comprehensive one-stop-shop solution for evaluations and certification.

    Brightsight is now fully equipped to issue SESIP certification – Levels 1 to 3 – worldwide for IoT platforms and components. Services include:
    • New certificate issuance – valid for up to two years, or until the product undergoes security-related changes
    • Certificate renewal – ensures continued certification validity

    Sergio Casanova, CTO, Brightsight, said: “This achievement strengthens our value proposition, positioning us as a comprehensive, one-stop solution for cybersecurity evaluations and certifications. While our cybersecurity evaluation services (ITSEF) and certification body functions remain strictly independent, this focused approach enables us to streamline the evaluation and certification process, while maintaining the highest standards of integrity, impartiality and independence. This allows us to effectively address the full spectrum of our clients' security needs.”

    Gil Bernabeu, Chief Technology Officer at GlobalPlatform: “The addition of Brightsight as a GlobalPlatform SESIP certification body further validates SESIP as a globally recognized security evaluation framework. This milestone accelerates our mission to enhance the certification of software and hardware components in secure IoT devices, enabling manufacturers to demonstrate compliance with international cybersecurity regulations. Achieving ISO/IEC 17065 accreditation from a national accreditation body for SESIP (EN 17927) is a critical element of SESIP governance and paves the way for mutual recognition of SESIP certificates across all GlobalPlatform Certification Bodies. This development strengthens the SESIP ecosystem and underscores GlobalPlatform’s commitment to advancing and governing robust IoT security standards worldwide.”

    For more information on Brightsight CB SESIP certification services, please contact:

    Sergio Casanova
    CTO, Brightsight
    Tel: (+34) 93 220 62 63

    About Brightsight
    Brightsight joined the SGS Group – the world’s leading testing, inspection and certification company – in 2021. With 40 years of experience in cybersecurity evaluations and a growing global network of specialist testing facilities, they are the world’s leading cybersecurity laboratory for connected products. As an accredited certification body, they also offer comprehensive certification services to help businesses demonstrate compliance with a wide range of security requirements.

    About GlobalPlatform
    GlobalPlatform is a technical standards organization that facilitates the efficient deployment and management of secure-by-design digital services and devices, delivering end-to-end security, privacy, simplicity and convenience to users. By providing standardized technologies and certifications, GlobalPlatform empowers technology and service providers to develop, certify, deploy and manage digital solutions in compliance with business objectives, security requirements, regulatory standards and data protection needs.

    ###
space
space
  • FB Icon Twitter Icon In-Icon
Contact Information