Third-party cyber security information
The information below outlines cyber security requirements for third parties interacting with Renishaw, referencing recognised security practices and detailing expectations for incident reporting.
Email security
Renishaw enforces domain anti-spoofing measures. We strongly advise third parties to adopt similar measures and failure to do so will likely result in delays to the delivery of their communications to Renishaw. For further information, see our Email security standards resource.
Security posture
Renishaw recommends adopting a security posture in line with recognised organisations such as:
- The National Cyber Security Centre. Their Cyber Essentials scheme is a bench mark for basic security measures that should be adopted by all organisations.
- The International Organisation for Standardization (IOS) ISO27001 - the globally recognised standard for information security management systems.
Reporting of security incidents
Organisations are continually at the threat of attack from malicious actors. This threat may take the form of:
- Email compromise (your email accounts have been accessed / manipulated by an unauthorised organisation)
- Malicious code (malware or ransomware) detected in your network
Unauthorised access to your data (data breaches) - If your organisation succumbs to one of these attacks you must inform our vulnerabilities team at vulnerabilities@renishaw.com
We will take the necessary measures to protect our organisation and provision a safe, interim communications mechanism if appropriate.