Cybersecurity

Our Cybersecurity Compliance Team keeps an overview of all the global regulations relevant and applicable to Hitachi Energy and manages programs to ensure that Hitachi Energy is compliant with them with respect to our IT, Cybersecurity, Corporate Functions, System & Product Offerings

We aim to be an absolute leader with respect to certification to internationally recognized cyber- and information security standards such as ISO/IEC 27001 and IEC 62443. This is not only beneficial for continually improving the cybersecurity posture of the internal operations but also for offerings to customers. 

Explore in-depth insights and expert perspectives on cybersecurity. Our curated whitepapers and presentations provide practical guidance, innovative strategies, and thought leadership to help you stay ahead in securing critical energy infrastructure.

We ensure vulnerabilities and incidents are handled quickly and transparently to protect Hitachi Energy’s products and customers, following ISO/IEC 29147 and 30111 standards for responsible disclosure and mitigation, covering secure intake, validation, remediation, and advisory publication.

Our PSIRT responds swiftly to product-related threats, coordinating analysis, containment, and mitigation with internal teams and external stakeholders. Insights from incidents feed back into vulnerability management, strengthening security and trust.

We take security extremely seriously and apply stringent protocols across all products, systems, services, and data. Our suppliers play a vital role in maintaining this posture and are expected to complement our efforts to keep systems and information safe.

To guide these expectations, we require successful completion of Vendor Security and IT Risk Assessments before onboarding, and our contracts include strict confidentiality and data protection obligations. Suppliers must implement robust cybersecurity measures and adhere to GDPR-based principles when processing personal data on our behalf. Through continuous risk assessments and impact reviews, we ensure privacy and security are upheld at every stage.

We apply a robust Governance Framework that consolidates global regulatory inputs into a unified structure for efficiency and scalability. By integrating Risk Management, Issue Management, and a single Controls Framework under a dedicated Governance & Risk function, we ensure proactive identification, assessment, and treatment of risks.

Our federated approach brings together expertise across the organization to monitor and measure the effectiveness of responses, enabling consistent coverage within our ISMS and ongoing protection of data.

Get timely updates on emerging threats and our mitigation efforts.

Security is embedded in our product lifecycle through our Secure Development Lifecycle (SDL). We provide regular security updates and patches, hardening guidelines for deployment, and vulnerability management processes.