Cybersecurity along with data privacy and protection are key pillars of our Trust Charter as we seek to gain resilience and increase trust within our greater ecosystem. Schneider Electric’s dedication to safeguarding critical infrastructure is articulated through its Zones of Influence via four key dimensions: people, company, suppliers and partners, and customers and authorities.
Our cybersecurity partnerships
We work collaboratively with cross - industry organizations to enable digital trust, including the following:
- World Economic Forum Centre for Cybersecurity - Partner
- ISA Global Cybersecurity Alliance - Founding member
- Cyber Tech Accord - Signatory
- Department of Energy CyTRICS program – First participating manufacturer to test products used in the U.S. grid
- Singapore Cyber Security Agency Operational Technology Cybersecurity Master Plan - Co creation partner
- CISA Industrial Control Systems Joint Working Group (ICSJWG) – Working group leadership
- International Electrotechnical Commission (IEC) - Participant in standards development
- International Organization for Standardization (ISO) - Participant in standards development
- Cybersecurity Coalition - Member
- OT Cybersecurity Coalition - Member
- Connectivity Standard Alliance - Member
- EU Stakeholder Group for Cybersecurity Certification - Member
- European Cyber Security Organisation (ECSO) - Member
- Paris Call for Trust and Security in Cyberspace - Supporter
Our global cybersecurity certifications
ISO 27001:2022 demonstrates our ongoing commitment to manage information securely in compliance with regulations.
CREST Certification for Penetration testing acknowledges our product security teams for their skills and proficiency when it comes to testing the resilience and security of the company’s products and systems.
ISA/IEC 62443-4-1 Secure Development Lifecycle (SDL) process demonstrates that our product and system development practices are in line across all software and system development lifecycles. Our SDL is certified to the TÜV Rheinland Cyber Security Management (CSM) certification.
See the TÜV Rheinland Cyber Security Management (CSM) certificate
The ISASecure SDLA certification program pertains to suppliers' development lifecycle processes for control system products. It ensures compliance with the security requirements outlined in IEC 62443-4-1, also known as ANSI/ISA-62443-4-1, which focuses on secure product development lifecycle requirements for industrial automation and control systems.
CyberVadis assessment demonstrates our maturity based on international information security standards such as ISO 27001, NIST Cybersecurity Framework, Cybersecurity for ICS, PCI-DSS, and GDPR.
CyberGRX assessment details our compliance with industry standards and security protocols, such as NIST Cybersecurity Framework, ISO 27001, PCI-DSS, etc.
Vulnerability Handling & Disclosure process certification with ISO/IEC 30111:2019 and ISO/IEC 29147:2018 affirms our commitment to addressing vulnerabilities affecting our products and protecting our customers.
Why trust is at the center of everything
“Cybersecurity people are trained not to trust anything but need a little trust in each other to share keys to success” - Andre
