New White Paper: Implementing an Industrial Cybersecurity Program for Your Enterprise

PBUS 10 14 ISA 4th CSE 400

January 24, 2022

Research Triangle Park, North Carolina – The International Society of Automation (ISA) and the ISA Global Cybersecurity Alliance (ISAGCA), with contributing author Gary Rathwell, have released a new white paper entitled, “Implementing an Industrial Cybersecurity Program for Your Enterprise.”

ISA/IEC 62443 provides powerful tools to reduce the risk of financial, reputational, human, and environmental impact from cyber-attacks on Industrial Automation and Control Systems (IACS). ISA/IEC 62443 has been categorized as a “horizontal standard” by the International Electrotechnical Committee (IEC), validating its applicability for a wide range of industries. Any specific company is likely to find that while most of the standard applies to their IACS, parts of it may not. For example, some “normative requirements” that are appropriate for an interstate pipeline, may not be relevant to a chemical plant or a discrete manufacturing facility. There are also obvious differences between a large-scale corporation with many sites and thousands of employees, and a small company with a few dozen staff.

It is therefore recommended that each company establishes their own IACS Cybersecurity Program to manage cybersecurity risks, and ISA/IEC 62443 2-1 provides guidance on how to establish such a security program for IACS asset owners.

The white paper is intended to summarize the guidance from the series of standards and address the specific needs of owner/operators of industrial facilities. The paper covers the following topics:

  1. 1. What is an IACS cybersecurity program?
  2. 2. Preparing an IACS cybersecurity program
  3. 3. How does an IACS cybersecurity program relate to IT cybersecurity?
  4. 4. Costs and benefits of an IACS cybersecurity program
  5. 5. What to do next

“Creating an IACS cybersecurity program is approachable, and companies should be working with their vendors and partners to build such a program if they don’t already have one in place,” said contributing author Gary Rathwell. “This paper gives a foundation for building a program, and there is no time to waste for companies and organizations looking for protection from, and mitigation of, cyber incidents.”

The white paper is available to download here.

In the coming months, ISAGCA plans to publish additional white papers intended to guide IACS vendors, suppliers of IACS products and services, integration/engineering services, and other stakeholders as they prepare IACS cybersecurity programs within their facilities and operations.



Related Articles

Network Infrastructure Featured Product Spotlight

PBUS 14 Panduit logo 400

This webinar presented by Beth Lessard and Keith Cordero will be highlighting three Panduit solutions that will optimize network equipment and cabling to ensure that your spaces are efficiently and properly managed to support ever-evolving business needs of today and beyond. Products that will be featured include PanZone TrueEdge Wall Mount Enclsoure, Cable Managers, and Adjustable Depth 4-Post Rack.


Editor’s Pick: Featured Product News

Siemens: SIMOVAC Non-Arc-Resistant and SIMOVAC-AR Arc-Resistant Motor Controllers

The Siemens SIMOVAC medium-voltage non-arc-resistant and SIMOVAC-AR arc-resistant controllers have a modular design incorporating up to two 12SVC400 (400 A) controllers, housed in a freestanding sheet steel enclosure. Each controller is UL 347 class E2, equipped with three current-limiting fuses, a non-load-break isolating switch, and a fixed-mounted vacuum contactor (plug-in type optional for 12SVC400). The enclosure is designed for front access, allowing the equipment to be located with the rear of the equipment close to a non-combustible wall.

Read More

Sponsored Content
Explore the Benefits of Industrial Control Panel Certification

The growth of industrial machinery and automation is driving a growing need for industrial control panels (ICPs) globally. The UL 508A Industrial Control Panel Shop Program is part of UL’s General Coverage Program, which offers control panel manufacturers flexibility in applying UL Certification Marks to a wide range of industrial control panel designs. Our Industrial Control Panel Program covers multiple requirements like proper component usage, enclosure environmental ratings, wiring and motor protection, safety markings, and conformance to the National Electric Code® (NEC) and Canadian Electrical Code (CEC).

Learn more HERE.

Products for Panel Builders