The International Society of Automation (ISA) and the ISA Global Cybersecurity Alliance (ISAGCA) have released a new guide to the security lifecycles outlined in the ISA/IEC 62443 series of standards.
RESEARCH TRIANGLE PARK, N.C., Oct. 27, 2020 /PRNewswire-PRWeb/ -- The International Society of Automation (ISA) and the ISA Global Cybersecurity Alliance (ISAGCA) have released a new guide to the security lifecycles outlined in the ISA/IEC 62443 series of standards and technical reports. ISA/IEC 62443 constitutes the world's only consensus-based series of automation cybersecurity standards.
"Security Lifecycles in the ISA/IEC 62443 Series: Security of Industrial Automation and Control Systems," now available for download at isa.org/securitylifecycles [isa.org/securitylifecycles __title__ Security Lifecycles], provides a high-level view of the product security lifecycle and the automation solution security lifecycle. The guide defines principal roles and responsibilities in industrial automation and control systems (IACS), and it explores how to apply specific standards documents to each phase within the security lifecycles.
This new guide answers some of the most common questions about security lifecycles in the ISA/IEC 62443 Standards, including:
How can various roles share the responsibility of IACS cybersecurity?
What are the differences between the product security lifecycle and the automation solution security lifecycle?
Who should be accountable for cyber risk?
How does an organization maintain effective, resilient IACS cybersecurity?
The ISA Global Cybersecurity Alliance's Training and Education work group coordinated the development of the guide, which was authored by Johan Nye and reviewed by the ISA99 committee. Nye is an independent consultant specializing in industrial control systems (ICS) and cybersecurity. During his career spanning more than 38 years, Nye has designed ICS system architectures, created company standards and policies, implemented major ICS projects, supported ICS site engineers, and contributed to the design of several ICS products.
"Automation cybersecurity standards are crucial in this increasingly connected world," says Mary Ramsey, ISA executive director. "The ISA/IEC 62443 series of standards leads the way as the world's only consensus-based standards that focus on automation cybersecurity. One goal of the ISA Global Cybersecurity Alliance is to raise awareness of these standards and encourage their adoption across a wide range of industries. We are grateful to the ISAGCA Training and Education work group, the ISA99 committee, and Johan Nye for creating a guide to exploring security lifecycles in the ISA/IEC 62443 series in a user-friendly format."
"Security Lifecycles in the ISA/IEC 62443 Series: Security of Industrial Automation and Control Systems" can be accessed by filling out a form at isa.org/securitylifecycles [isa.org/securitylifecycles __title__ Security Lifecycles].
The International Society of Automation (isa.org) is a non-profit professional association founded in 1945 to create a better world through automation. ISA advances technical competence by connecting the automation community to achieve operational excellence. The organization develops widely-used global standards; certifies industry professionals; provides education and training; publishes books and technical articles; hosts conferences and exhibits; and provides networking and career development programs for its 40,000 members and 400,000 customers around the world.
ISA created the ISA Global Cybersecurity Alliance (isa.org/ISAGCA) to advance cybersecurity readiness and awareness in manufacturing and critical infrastructure facilities and processes. The Alliance brings end-user companies, automation and control systems providers, IT infrastructure providers, services providers, and system integrators and other cybersecurity stakeholder organizations together to proactively address growing threats.
ISA owns Automation.com, a leading online publisher of automation-related content, and is the founding sponsor of The Automation Federation (automationfederation.org), an association of non-profit organizations serving as "The Voice of Automation." Through a wholly owned subsidiary, ISA bridges the gap between standards and their implementation with the ISA Security Compliance Institute (isasecure.org) and the ISA Wireless Compliance Institute (isa100wci.org).
SOURCE ISA Global Cybersecurity Alliance