- ZGR authorized as CNA (CVE Numbering Authority), competent body in the designation, publication and disclosure of vulnerabilities, affecting its sector and activity. Accession has been made under the leadership and coordination of the National Institute of Cybersecurity (INCIBE). CNA is the most important global network for cooperation in the identification of vulnerabilities and the fight for cyber security.
- The Basque company takes another step forward in its commitment to cybersecurity in power electronics. It becomes part of the network of 203 CNAs spread over 32 countries to manage the CVE vulnerability program. In Spain, ZGR is the first company in the energy sector to join and the fourth one considering all sectors.
- CVE is an international, community-based effort and relies on the community to discover vulnerabilities. The vulnerabilities are discovered then assigned and published to the CVE List. The CVE List is a catalog of publicly disclosed vulnerabilities, free for organizations to improve their cyber security. When a problem is discovered in a device, it is analyzed whether the vulnerability has been discovered before and, if not, it is assigned an identifier.
- The role as a CNA allows ZGR to assign CVE identifiers to vulnerabilities that are detected and affect its products.
Madrid/Vitoria/Valencia, November 30, 2021 – ZGR, a business group specialized in developing reliable, robust and highly productive solutions for the integrated management of electrical energy. The company is highly committed to the security, privacy and integrity of its products and services in the fields of:
- energy generation (photovoltaic).
- transmission and distribution (stations and substations).
- consumption (industry).
ZGR’s commitment to cybersecurity
ZGR‘s commitment to the development of solutions to advance the energy transition towards smart and distributed grids, maximizing energy production and grid quality, generates a strong commitment to cybersecurity.
This commitment has led it to be one of the first companies to join as a CNA (CVE Numbering Authority), a competent body in the designation, publication and disclosure of vulnerabilities affecting its sector and activity, under the leadership and coordination of INCIBE (Spanish National Cybersecurity Institute).
The role as a CNA allows the company to assign CVEs to vulnerabilities that are detected and affect its power grid-related products. ZGR has established a responsible vulnerability disclosure policy, published on its website.
With this action, ZGR takes another step forward in cybersecurity in a sector, that of the manufacturers of components and equipment specialized in power electronics, which is strategic and key to economic and social development and progress.
Smart grids and cybersecurity
“The cooperation and generation of a cybersecurity culture we believe is vital,” says Íñigo Segura, CEO of ZGR, who adds: “Being part of the CVE Program is one of the international tools that our sector has to fight against threats and cyberattacks to electrical systems and critical infrastructures”.
Iñaki Merino, systems director at ZGR, believes that: “Today’s smart grids are data networks. So, the possibility of equipping our components with computing and communication capabilities to turn them into intelligent equipment that cooperate with each other, with the capacity to act autonomously, is a great step forward. But information security requirements are becoming increasingly important. Being a CNA is a further step in our continuous improvement of security protocols and systems.”
The National Cybersecurity Institute of Spain (INCIBE) is a company under the Ministry of Economic Affairs and Digital Transformation, through the Secretary of State for Digitalization and Artificial Intelligence, consolidated as a reference entity for the development of cybersecurity and digital confidence of citizens, academic and research network, professionals, companies and especially for strategic sectors. Likewise, INCIBE, with an activity based on research, the provision of services and coordination with the agents with competences in the field, contributes to build cybersecurity at national and international level.
About Zigor Corporación
ZGR CORPORACIÓN S.A. is a business group specialized in the design, manufacture, implementation and maintenance of solutions for the integrated management of electrical energy. Manufacturer since 1998, it is an international reference in power electronics, especially in the development of intelligent medium voltage and grid quality systems, as well as in hybrid and modular energy storage, based on batteries. It has three main areas of expertise:
- Transmission and Distribution.
- Energy (photovoltaics).
As a manufacturer, one of its differential value elements is its local technical service and manufacturing guarantees. It has a large number of national and international certifications and approvals for its activity.