Annual Report and Sustainability Report 2021


Security is important for KONGSBERG

Cyber and Information Security

Security is important for KONGSBERG and concerns the protection of information, personnel and physical assets. To ensure that the security related work is both practical and effective, this is a part of KONGSBERG’s governance model and business strategies and integrated in relevant business processes.

Cyber Security

Cyber Security includes managing the risks and security challenges posed by the use of information technology. It includes both hardware, software, services, communication between them, and not least structured work processes.

Our ambitions

We have set targets and indicators to support our ambitions and to ensure compliance and follow-up.

We shall ensure trust and credibility by continuously protecting information, personnel, physical assets and technology to avoid damage, misuse and breakdowns, and to ensure that our products and services work as intended.

  • We shall ensure a security culture, awareness in the organization and personal responsibility.
  • We shall maintain, and further develop, a robust system for compliance with Data Privacy regulations as a part of Cyber and Information Security.
  • Our services are carefully monitored and protected by layered security architecture including extensive logging and monitoring.
  • We continuously conduct security training and awareness programs.
  • We carry out risk management to balance business goals, efficiency and the right level of security.
  • We have structured processes for threat intelligence and incident management for efficient emergency handling.
  • Indicators for 2021

    Establish and maintain required certifications. 

  • Indicators for 2021

    Security training and awareness campaigns for all KONGSBERG employees.

  • Indicators for 2021

    Implement a robust framework for personal data breach handling in KONGSBERG governance system.

Our approach to Cyber and Information Security

Collaboration in the cyber security domain

  • KONGSBERG is dependent on the trust of its owners, customers and business partners as well as close collaboration with all parties.
  • We have close cooperation with governmental bodies within the cyber security domain.
  • We have active collaboration and interaction with special interest groups and leading authorities on cyber security topics.
  • We have established KONGSBERG Cyber Security Center, a dedicated, common resource center for the Group.

Development of secure solutions for our customers

  • KONGSBERG has a long tradition for delivering mission critical solutions, rooted in the defence and aerospace industry, the high-tech industrial environments of the maritime sector and the energy industry.
  • We use security and privacy by design as a fundamental principle in software development.
  • We have structured processes for lifecycle management. This allows us to deliver high quality services and meet security requirements.
  • We have internationally acknowledged standards fully included as a part of our strategy and operations.
Information represents very important, valuable assets for KONGSBERG. We protect these values with structured and robust information security processes.

Information security

Information security consists of work processes and procedures based on ISO/IEC 27001 and shall ensure an adequate level of security with regard to confidentiality, integrity or availability.

Information represents very important, valuable assets for KONGSBERG. We protect these values with structured and robust information security processes. We make use of all the security perspectives set out in ISO/IEC 27001. This has been implemented in all our business areas through policies, processes and procedures, which together meet all information security requirements facing the business. Compliance is ensured through comprehensive monitoring and continuous audit programs.

Personnel security

Personnel security is addressing both the intentional and unintentional risk of people misusing their legitimate access to KONGSBERG’s property for unauthorised purposes.

Personnel safety in KONGSBERG is maintained by robust processes throughout the employment or engagement at KONGSBERG. This includes everything from selection process, background checks, agreements, training, access control and processes for termination of employment.

Physical security

The purpose of physical security is to protect personnel, assets and property from damage, theft or destruction.

In KONGSBERG, we achieve good physical security through a combination of secure areas that are physically protected against  unauthorized access, admission control systems in all locations and zone divisions of the facilities.

To the top