Wärtsilä values the security of its information, data and Information Technology resources, and is committed to protecting them alongside the information entrusted to us by our customers. Wärtsilä Information Security Policy sets out the guidelines and expectations for the security of Wärtsilä data, information, and Information Technology resources, including customer information and personal data of its employees, customers, and business partners.
Should you need to report a cyber issue to Wärtsilä, please select the corresponding contact channel according to the nature of the issue.
To report a vulnerability related to Wärtsilä solutions
To report a cyber incident or other general cyber issue impacting Wärtsilä
For incidents related to Wärtsilä products or services, please use your regular support channel.
For questions and information related to cyber security in Marine or Energy applications, visit the corresponding pages.
Wärtsilä has established a Security Development Lifecycle (SDL) framework at corporate level, derived from industrial cybersecurity standard IEC 62443, as a foundation for our product security development. Wärtsilä also certifies selected applicable products in accordance with IEC 62443 and Marine Class Society frameworks. Cyber security as well as data protection and privacy requirements are built into Wärtsilä products and services across the industry.
Wärtsilä welcomes collaboration on cyber security with customers and recognises the importance of the work done by the researchers’ community to enhance the safety and security of our products and customers.
We accept vulnerability reports related to our solutions through our vulnerability disclosure channel.
At Wärtsilä, we nurture a human-centered security culture that recognises every employee plays an active role in safeguarding data and digital assets.
Alongside the mandatory annual awareness training, employees stay informed through ongoing communications, participate in awareness events and join ad hoc campaigns. Training initiatives that support continuous skills building leverage threat-aligned content, while awareness of emerging and trending topics is strengthened through intelligence feeds and active community discussions in internal channels.
Regular phishing simulations and micro-learning modules are integrated into our security stack, and active reporting behaviour is encouraged as a strategic detection capability. Cyber exercises and crisis simulations, often conducted together with valuechain partners, help us build preparedness and strengthen our overall resilience.
Dedicated resources within our cyber team focus on advancing the culture maturity journey, working in partnership with Leadership to promote secure behaviours and integrate cyber security into business operations.
By investing in people and practices, and by cultivating strong cyber citizenship, we continuously enhance our cyber resilience and contribute positively to a more secure society.
