New York Lawmakers Reference ISA/IEC 62443 in New Proposed Bill

PBUS 10 14 ISA 4th CSE 400

September 14, 2021

New York state legislature is hoping to add additional protections to the state’s critical infrastructure via a newly proposed cybersecurity bill. The bill leverages the industry-adopted ISA/IEC 62443 series of standards to shape metrics and benchmarks for operational technology cybersecurity. If passed, the bill’s measures would be applied to the state’s critical infrastructure facilities, including: public transportation; water and wastewater treatment facilities; public utilities and buildings; hospitals, public health facilities, financial service organizations; and automation and control system components.

“There have been an increased amount of cyberattacks where hackers are just holding people hostage,” Senator Kevin Thomas, the bill’s sponsor, said. “The bill looks to address this by updating systems to match international standards so that the state’s critical infrastructure is protected as much as possible. There needs to be more vigilance. We need to know whether these critical infrastructure systems can be compromised and how to upgrade them to prevent them from being compromised.”

The ISA/IEC 62443 series of standards, developed by the ISA99 committee and adopted by the International Electrotechnical Commission (IEC), provides a flexible framework to address and mitigate current and future security vulnerabilities in industrial automation and control systems (IACSs). The committee draws on the input and knowledge of IACS security experts from across the globe to develop consensus standards that are applicable to all industry sectors and critical infrastructure.

“The technologies that control and automate the world’s most critical operations, including the facilities where we work and live, are under constant threat and attack,” said ISA Global Cybersecurity Alliance Managing Director Andre Ristaino. “Consistent, global adoption of the ISA/IEC 62443 series of standards will help vendors, third parties, and end users—indeed, the entire digital supply chain—effectively and proactively manage risks to their people, assets, and operations.”

The ISA Global Cybersecurity Alliance (ISAGCA), made up of 50+ companies, continues to actively work to confront cybersecurity challenges in multiple ways. In general, a strong cybersecurity posture relies on people, process, and technology:

  •    –   People: Individuals and companies using automation and control systems must be well-trained, and companies must make better cybersecurity hygiene and best practices the fabric of their corporate and facility-level cultures.
  •    –   Process: The ISA/IEC 62443 series of standards, endorsed by the United Nations and backed by hundreds of asset owners in every world region, specifies how to assess and manage cybersecurity risk in OT environments. At the state and federal level, in the United States and around the world, the ISAGCA and its member companies are advocating policies that designate theuse of the ISA/IEC 62443 series of standards as foundational, outcome-focused, technology-neutral documentation. The series of standards articulates roles, responsibilities, and expectations of suppliers, service providers, and asset owners, which can be easily translated to enforceable policy elements.
  •    –   Technology: The ISA Security Compliance Institute offers conformance programs to certify components, devices, systems, and processes that are compliant with the latest ISA/IEC 62443 requirements. ISA advocates common-sense approaches to protecting legacy and next-gen equipment, leveraging the vast knowledge and expertise of our supplier and integrator member companies.

Many critical infrastructure and industrial manufacturing companies already have orare working diligently to integrate cybersecurity into their risk-management and business continuity plans and strategies. Using the ISA/IEC 62443 series of standards as their foundation, they focus on adopting security as part of the operations lifecycle, ensuring compliance with various aspects of the standards across their supply chains, and including cybersecurity in operational risk-management profiles.



Related Articles

Network Infrastructure Featured Product Spotlight

PBUS 14 Panduit logo 400

This webinar presented by Beth Lessard and Keith Cordero will be highlighting three Panduit solutions that will optimize network equipment and cabling to ensure that your spaces are efficiently and properly managed to support ever-evolving business needs of today and beyond. Products that will be featured include PanZone TrueEdge Wall Mount Enclsoure, Cable Managers, and Adjustable Depth 4-Post Rack.


Editor’s Pick: Featured Product News

Siemens: SIMOVAC Non-Arc-Resistant and SIMOVAC-AR Arc-Resistant Motor Controllers

The Siemens SIMOVAC medium-voltage non-arc-resistant and SIMOVAC-AR arc-resistant controllers have a modular design incorporating up to two 12SVC400 (400 A) controllers, housed in a freestanding sheet steel enclosure. Each controller is UL 347 class E2, equipped with three current-limiting fuses, a non-load-break isolating switch, and a fixed-mounted vacuum contactor (plug-in type optional for 12SVC400). The enclosure is designed for front access, allowing the equipment to be located with the rear of the equipment close to a non-combustible wall.

Read More

Sponsored Content
Electrify Your Enterprise

Power is vital to production, and well-designed control cabinets are key. Allied Electronics & Automation offers a comprehensive collection of control cabinet solutions including PLCs, HMIs, contactors, miniature circuit breakers, terminal block connectors, DIN-rail power supplies, pushbutton switches, motor starters, overloads, power relays, industrial Ethernet switches and AC drives engineered to keep your operations running safely, reliably and efficiently.

Learn more HERE.

Products for Panel Builders

  • Banner Engineering: New Comprehensive M8 Cordset Selection

    Banner Engineering: New Comprehensive M8 Cordset Selection

    Banner now offers a broader range of M8 cordsets to support compatible Banner products and other industrial M8 devices. Available lengths include 1, 2, 5, 8, and 10 m of both female and male single- and double-ended M8 cordsets with the option of three or four pins. A greater selection means more options for more… Read More…

  • Saginaw: NextGen Enclosure Builder

    Saginaw: NextGen Enclosure Builder

    Introducing Saginaw’s latest enclosure building tool. It helps you discover the perfect enclosure by narrowing down your options based on your preferences. Select a starting point, and it will guide you through the process, leading you to the ideal NextGen enclosure. Read More…