Sandvik Mining says it has earned an internationally recognised certification for its product development processes, demonstrating its commitment to industry-leading cybersecurity.

Sandvik achieved IEC 62443-4-1 certification at Maturity Level 2 after an independent external audit of its development lifecycle. The IEC 62443-4-1 standard is a leading global benchmark for secure product development in industrial automation and control systems, the OEM says. It helps ensure that products are designed, developed and maintained with cybersecurity in mind, addressing risks including cyberattacks and data breaches throughout their lifespan.

Riku Pulli, President of Digital Mining Technologies at Sandvik Mining, said: “We’re proud to be among the first in our sector to attain IEC 62443 certification. This certification reduces cyber risk and operational disruption, enhances safety and regulatory compliance, strengthens supply chain resilience and provides security assurance for our customers. It emphasises our commitment to cybersecurity and is a signal of trust and readiness in an increasingly connected and threat-prone industrial environment.”

Maturity Level 2 ensures that cybersecurity is proactively integrated into product design, development, testing and maintenance processes. By embedding robust security measures early in the design of its equipment and digital solutions, Sandvik ensures that cybersecurity is built into its products by default, it says. This “secure-by-design” approach reduces the risk of vulnerabilities from the outset, helping to protect mining operations from cyber threats without compromising productivity.

Jaakko Kuivanen, Director, Global Automation Product Development and NPD Projects at Sandvik Mining, said: “Sandvik is at the forefront of mining digitalisation and our solutions are integral to our customers’ critical production processes. Any compromise in security could directly disrupt the continuity of their operations. As mining becomes increasingly connected and cyber threats become increasingly sophisticated, cybersecurity becomes an even greater priority. Demonstrating our ability to safeguard our products but also both our own and our customers’ data and intellectual property is essential.”

Certification at Maturity Level 2 includes processes for patch management, vulnerability handling and security updates, among others. Sandvik customers can expect timely, structured responses to evolving threats, ensuring that their equipment remains secure over its operational lifetime, it states.

The certification strengthens Sandvik’s readiness for forthcoming cybersecurity regulations, including the EU Cyber Resilience Act, which will require manufacturers of products with digital elements to ensure cybersecurity throughout the product’s lifecycle. The company says it is already advancing toward additional certifications to further validate the security of its equipment and software solutions, ensuring customers can continue to deploy Sandvik technologies in their operations with confidence.

“We’re committed to maintaining robust security defenses and managing cyber risks at every stage of product development,” Kuivanen said. “We will continue to invest in our secure development program and work closely with customers, industry partners and regulatory bodies to maintain the highest cybersecurity standards.”