The merger brings together more than 500 cyber security experts to safeguard demanding IT and industrial control system environments across multiple industries. It follows DNV’s acquisition of Amsterdam-based industrial cyber security specialist Applied Risk in 2021, and the conclusion of DNV’s acquisition of Helsinki-headquartered cyber security services leader Nixu in December 2023.
“Cyber security is a defining risk for the coming decade. Cyber risks can have huge safety, reliability, environmental and financial impacts and threaten the functioning of our societies. This merger combines Nixu’s broad portfolio of IT and managed cyber security services, Applied Risk’s leading position in securing industrial control systems, and DNV’s domain expertise in critical infrastructure industries. Together, we have created a business that delivers on all aspects of our customers’ cyber security needs and prepares us for significant future growth," said Remi Eriksen, Group President and CEO, DNV.
Nixu CEO Teemu Salmi has been appointed to lead the combined business, which will adopt the brand name DNV Cyber from mid-2024. Operating from offices in 11 countries, the business provides an enhanced portfolio of consulting and managed cyber security services.
“We are on a united mission to become the most customer-centric cyber security services business in Europe. Enabling this are the exceptional people who make up our business and deliver value to our customers. This is the place where cyber security professionals will grow and make a difference. And it is where businesses across the world will seek the trustworthy technical expertise they need to enhance safety and resilience in an era of rising digital risk, geopolitical uncertainty and tightening regulation,” said Teemu Salmi, CEO of DNV’s new cyber security services business.
DNV and Nixu have also combined their management systems certification businesses, increasing the capacity to provide information security certification and training services. These include information security management systems certification (ISO/IEC 27001), national security assessments, CSA STAR cloud service certifications, payment card industry (PCI) security assessments, and healthcare information system security assessments.
The merged cyber security services business will partner with customers and the security community to drive innovation and industry best practices. It will benefit from DNV’s long-term commitment to research and innovation, in which five per cent of the company’s revenue is reinvested into research and development programmes.