Wind River Achieves Information Security Standards ISO 27001 Certification

Wind River announced that it has achieved ISO/IEC 27001:2013 certification, in recognition of its proven commitment to the highest level of information security management. Following an extensive audit process, the certification was issued by A-LIGN.

Global cybercrime costs are expected to grow by 15 percent per year, reaching $10.5 trillion annually by 2025, up from $3 trillion in 2015.1 As a result, companies increasingly require additional security certification measures to protect their sensitive information. The ISO 27001 certification provides assurance that Wind River continues to meet increased security requirements and improve its security posture, giving customers confidence the company is maintaining the highest level of security measures.

ISO 27001 is a globally recognized standard mandating numerous controls for the establishment, maintenance, and certification of an information security management system (ISMS). The Wind River ISMS is designed to cover all key areas of a robust information security program with a focus on providing secure product management and services for employees, customers, and partners. Wind River received the certification upon its first ISO attempt, showcasing the completeness and rigor of its information security program. To achieve the ISO 27001 certification, organizations must demonstrate a systematic and documented approach to protecting and managing sensitive company and customer information including intellectual property, employee and customer data, financial information, and information entrusted to them by third parties.

“As a company delivering software to mission-critical industries where security is paramount, nothing is more important than protecting the assets and data of our customers, partners, and employees,” said Rich Kellen, chief information security officer, Wind River. “Earning the most widely recognized information security certification is not only an industry differentiator but also a significant accomplishment and testament to our ongoing and long-standing commitment to the highest level of security.”

The scope of the ISO/IEC 27001:2013 certification covers the ISMS supporting Wind River’s people, processes, and technologies related to the provision of customer support and professional services, product management, and information technology services. As security requirements increase, Wind River rises to help customers overcome their cyber requirement challenges by obtaining security certifications such as ISO 27001, Cyber Essential Plus, NIST SP 800-171, and TISAX.