News

Kiwa achieves official accreditation for EN 18031 – supporting manufacturers towards EU product cybersecurity compliance

Kiwa is now officially accredited for EN 18031 parts 1, 2 and 3 – the newly introduced European cybersecurity standards for products. This accreditation positions Kiwa among the first bodies in Europe to support manufacturers in meeting the requirements of the upcoming EU Cybersecurity Regulation, which becomes mandatory as of 1 August 2025.

Cyber Resilience Act: Time to take action

The Cyber Resilience Act (CRA) is the first European law to introduce mandatory cybersecurity requirements for all digital products entering the EU internal market. A national consultation was recently concluded in the Netherlands to determine how this law should be implemented in Dutch legislation. In the meantime, manufacturers, importers and distributors of products covered by the CRA can already start preparing for what’s to come.

NEN 7510 for healthcare sector information security updated

The NEN 7510 standard for information security in the healthcare sector has been revised. The new NEN 7510-1:2024 was published on 16 December 2024 and replaces the previous version, NEN 7510:2017+A1:2020. The old version of the standard can still be used for certification under accreditation until 20 February 2027.

ISO 27001 and ISO 42001: A perfect match for information security and AI management

To implement AI safely and responsibly, international standards such as ISO 27001 and ISO 42001 play a crucial role. While ISO 27001 focuses on data protection, an AI management system (AIMS) under ISO 42001 is designed to manage and optimize the use of AI within an organization. By combining ISO 27001 and ISO 42001, businesses can develop a stronger and more proactive approach to information security.

The importance of input validation in IoT security

Cybersecurity has been a passion of mine for years. My journey in this field began out of curiosity, leading me to specialize in web penetration testing. Since joining Kiwa, my focus has shifted to IoT security, with an emphasis on testing against standards like ETSI EN 303645. One topic that consistently fascinates me is input validation—an area where web penetration testing and IoT security assessments often intersect.

Revised NEN 7510 published

To keep quality standards relevant and up-to-date, they are periodically revised. Following the revision of ISO 27001 in 2022, a new version of the NEN 7510 has recently been published. Below, we highlight some of the key changes in the NEN 7510:2024.

Interfaces

I am Jelte Derksen, an ethical hacker working at Kiwa NL. I got into the field of ethical hacking after initially pursuing studies that were, frankly, a terrible fit. Consequently, I pivoted into IT as a SCADA administrator. Once I had a solid grasp of the basics, I transitioned into IoT development and Data Engineering before landing in the field of security.

‘ISO 27001 certificate builds trust’

Recently, Kiwa extended Heijmans' ISO 27001 certification, affirming Heijmans' efforts in information security. Raymond van Ommeren, quality coordinator at Heijmans, discusses the importance of this certification.

Kiwa ready for testing according to recently published EN 18031

The EN 18031 standards series is a new set of standards developed by CEN-CENELEC to demonstrate compliance with RED Delegated Regulation (EU) 2022/30. Development of these standards began in June 2022, and they have now been published. Kiwa has applied for accreditation to conduct testing for the EN 18031 series of standards.

One revised ISO 27001, three different versions

When a standard is no longer up-to-date, it needs to be revised. This happened with ISO 27001 for information security in 2022. In the years following, the standard received several minor updates, resulting in three different versions: ISO/IEC 27001:2022, ISO/IEC 27001:2023 and ISO/IEC 27001:2024.
