Cybersecurity Consulting for Energy Startup Cactos – NIS2 Directive and IEC 62443

“Huld’s expertise and vision in cyber security impressed us. Huld took full charge of the project and strengthened the importance of cyber security and quality in our company.” – Kim Dikert, Founder, Cactos.


Cactos’ electricity storage system provides a cost-effective way to store electricity locally and strengthens societal crisis resilience. As part of the energy infrastructure, Cactos’ solution stores and releases energy into the grid as needed.

As a provider of services critical to society, Cactos falls within the scope of the European Union’s Network and Information Security Directive, NIS2, and thus the Finnish Cybersecurity Act. This places strict obligations and requirements on Cactos’ cybersecurity and risk management.

As a responsible company, Cactos partnered with Huld to assess and develop Cactos’ cybersecurity.

Gap Analysis and IEC 62443

At the start of the cooperation, Cactos and Huld outlined the goals and objectives for strengthening cybersecurity. The work then began with a gap analysis against the IEC 62443-4-1 cybersecurity standard.

Cactos’ development processes were reviewed in workshops, where Cactos’ knowledge and Huld’s cybersecurity expertise were combined. The work included threat modelling and risk analyses, as well as open and confidential discussions about cybersecurity challenges and solutions.

As a result of the gap analysis, a tailored report and action plan were created for Cactos, listing concrete and prioritized actions to improve cybersecurity and meet the requirements of IEC 62443-4-1.

In addition, Huld created a threat modelling and risk analysis tool for Cactos and taught Cactos how to use it independently.

“Cactos is an important part of critical infrastructure, which means that the need for cybersecurity development is emphasized. We achieved high-quality results. Our collaboration is a great example of how we can work with both large listed companies and startups and add value.” – Tero Kuusela, Information Security Consultant, Huld.

Roadmap for the NIS2 Directive

Once the groundwork against the IEC 62443-4-1 cybersecurity standard had been completed, the cooperation continued with a more detailed implementation of the NIS2 Directive and its counterpart, the Finnish Cybersecurity Act.

To apply the NIS2 Directive specifically to Cactos’ operating environment, background material was gathered and customer interviews were held. Huld then conducted a gap analysis for the NIS2 Directive based on the data, using an assessment method developed by Huld’s experts.

Cybersecurity risk management plays a big role in the NIS2 Directive, so the work was based on risk-based security principles. The safety controls were prioritized based on risk severity and the required measures and resources. This helps Cactos meet the NIS2 Directive requirements efficiently and logically.

In addition to the report, Cactos will receive a roadmap consisting of prioritized tasks to comply with the NIS2 Directive and to refine Cactos’ risk management process. This will help Cactos develop and maintain its cybersecurity in the future, both independently and with a partner.

“The management teams in general have a legitimate concern about the NIS2 Directive and how to cope with its requirements. In this case, too, we were successful in identifying the core needs and how to address them. Throughout the project, Cactos’ representatives learned a lot about the NIS2 Directive and cybersecurity.” – Olli Pitkänen, Information Security Consultant, Huld.

Cybersecurity as an Asset

As a result of the collaboration, Cactos received concrete and clear proposals and tools for developing its cybersecurity. These measures will help Cactos meet the requirements of IEC 62443-4-1 and the NIS2 Directive.

Through the collaboration, Cactos gained valuable general knowledge about cybersecurity and risk management, improving its ability to respond to potential cybersecurity threats. Cactos strengthened its position in the energy market and as a provider of services critical to society.

“Product development is our core business, and Huld brought in external cybersecurity experience and quality assurance expertise. Huld adapted its way of working to suit us, and when new needs were identified, we easily received additional expertise under the same roof.” – Kim Dikert, Founder, Cactos.