FIND OUT MORE

ISAGCA Updates

17 November 2021
The International Electrotechnical Commission Designates ISA/IEC 62443 as a Horizontal Standard

RESEARCH TRIANGLE PARK, N.C. (17 November 2021)—The International Society of Automation (ISA) and the ISA Global Cybersecurity Alliance (ISAGCA) are proud to announce that the International Electrotechnical Commission (IEC) has officially designated the IEC/ISA 62443 series of standards as “horizontal,” meaning that they are proven to be applicable to a wide range of different industries.

According to the IEC decision, “The IEC Technical Committee 65 (TC 65) publishes IEC 62443 for operational technology found in industrial and critical infrastructure, including but not restricted to power utilities, water management systems, healthcare, and transport systems. These horizontal standards, also known as base standards, are technology independent. They can be applied across many technical areas.”

“The ISA99 committee of the International Society of Automation (ISA) and IEC Technical Committee 65 Working Group 10 have been collaborating on the development of the ISA/IEC 62443 cybersecurity standards for industrial automation and control systems (IACS) cybersecurity for many years. While broad applicability has always been the intent, there has been a common perception that they were most appropriate for process industries such as chemicals and refining,” explained ISA99 Co-Chair Eric Cosman. “Despite that perception, there have been several examples of successful applications in other sectors, such as transportation, building automation, metals and mining, and discrete manufacturing. It’s ultimately best for users if they can rely on one set of sector-agnostic standards, and we are very happy to receive the IEC decision to designate the ISA/IEC 62443 series as horizontal standards.”

The ISA/IEC 62443 series of standards is the world’s only consensus-based cybersecurity standard for automation and control system applications. These standards codify hundreds of years of operational technology and IoT cybersecurity subject matter expertise. Using the ISA/IEC 62443 series of standards as a foundation, companies can focus on adopting security as part of the operations lifecycle, ensuring compliance with various aspects of the standards across their supply chains, and including cybersecurity in operational risk-management profiles.

“While this news might seem like a procedural detail, it will have significant implications,” said Cosman. “Various other IEC technical committees that represent the needs and interests of specific sectors will presumably base their cybersecurity-related efforts on what is in the 62443 standards, focusing on defining how they should be interpreted and applied in a given set of circumstances. This will almost certainly lead to the creation of a set of sector-specific profiles for this purpose. To help in this effort, TC65 WG10 is developing guidance on how to develop such profiles, rather than pursue sector-specific and perhaps inconsistent standards. Guidelines, frameworks, training materials, and other resources can also take on a more general focus, incorporating the needs of many sectors.”

The designation of the ISA/IEC 62443 series as a horizontal standard will have many benefits to stakeholders:

  • Asset owners who have a presence in or exposure to more than one sector will be able to align their cybersecurity programs, leveraging ISA/IEC 62443 as the one single source for the fundamental principles and requirements of automation cybersecurity
  • Automation system suppliers will be able to certify their products for a broader range of applications, using a common set of conformance specifications based on 62443
  • IEC TC 65 WG 10 and the ISA99 committee will be able to focus their efforts on collaboration and advancement of the series of standards, especially around current demands in areas such as IIoT, sensor-level security, and supply chain risks
  • The ISA Global Cybersecurity Alliance (ISAGCA) and its 50+ member companies will partner with asset owners and suppliers to build relevant, applications-focused materials to enable companies in different sectors around the world to adopt and implement the series of standards at scale
  • The member companies of the ISA Global Cybersecurity Alliance have long believed in the broad applicability of the ISA/IEC 62443 series of standards,” said ISAGCA Chair Megan Samford, TITLE. “We could not be more excited to see this news from IEC, because it echoes and confirms the work we’ve done. This series of standards is the only complete set of practices and security capabilities that can be applied to consistently assess and improve cybersecurity for operational technology systems, and our members stand ready to help companies all over the globe implement it successfully.”

About ISA
The International Society of Automation (ISA) is a non-profit professional association founded in 1945 to create a better world through automation. ISA advances technical competence by connecting the automation community to achieve operational excellence. The organization develops widely used global standards; certifies industry professionals; provides education and training; publishes books and technical articles; hosts conferences and exhibits; and provides networking and career development programs for its members and customers around the world.

ISA created the ISA Global Cybersecurity Alliance (isa.org/ISAGCA) to advance cybersecurity readiness and awareness in manufacturing and critical infrastructure facilities and processes. The Alliance brings end-user companies, automation and control systems providers, IT infrastructure providers, services providers, system integrators, and other cybersecurity stakeholder organizations together to proactively address growing threats.

ISA owns Automation.com, a leading online publisher of automation-related content, and is the founding sponsor of The Automation Federation (automationfederation.org), an association of non-profit organizations serving as “The Voice of Automation.” Through a wholly-owned subsidiary, ISA bridges the gap between standards and their implementation with the ISA Security Compliance Institute (isasecure.org) and the ISA Wireless Compliance Institute (isa100wci.org).

About ISAGCA
The ISA Global Cybersecurity Alliance (ISAGCA) is a collaborative forum of member companies that aim to advance cybersecurity awareness, education, readiness, and knowledge sharing industry-wide, on a global scale. The alliance’s objectives include expanding the development and use of the ISA/IEC 62443 series of standards, knowledge-sharing in an open environment, providing best practice tools to help companies secure their infrastructure, creating education and certification programs, and advocating for cybersecurity awareness and sensible approaches with world governments and regulatory bodies.

About ISAGCA Members
The ISA Global Cybersecurity Alliance is made up of 50+ member companies, representing more than $1.5 trillion in aggregate revenue across more than 2,400 combined worldwide locations. Automation and cybersecurity provider members serve 31 different industries, underscoring the broad applicability of the ISA/IEC 62443 series of standards. Current members of ISAGCA include 1898 & Co. (Burns McDonnell), ACET Solutions, aeSolutions, Baserock IT Solutions, Bayshore, Carrier Global, Claroty, ConsoleWorks, Coontec, CyberOwl, CyPhy Defense, Deloitte, Digital Immunity, Dragos, Eaton, exida, Ford Motor Company, Fortinet, Honeywell, Idaho National Laboratory, Idaho State University, ISASecure, Johns Manville, Johnson Controls, KPMG, LOGIIC, Mission Secure, MT4 senhasegura, Munio Security, Nova Systems, Nozomi Networks, PAS, PETRONAS, Pfizer, Radiflow, Redacted, Red Trident, Rockwell Automation, Schneider Electric, Surge Engineering, TDI Technologies, Tenable, TI Safe, Tripwire, TXOne Networks, UL, Wallix, WisePlant, Xage Security, and Xylem. For more information about ISAGCA, visit www.isa.org/isagca.

14 October 2021
ISAGCA and ISA Security Compliance Institute Release Joint Study on IIoT Product Certifications Based on the ISA/IEC 62443 Standard

7 September 2021
New York Lawmakers Reference ISA/IEC 62443 in New Proposed Bill

10 August 2021
ISAGCA Releases Position Paper on Automation Cybersecurity Requirements in Public Policy

20 July 2021
New White Paper: Applying ISO/IEC 27001/2 and the ISA/IEC 62443 Series for Operational Technology Environments

13 July 2021
ISAGCA and ICS4ICS Announce Cybersecurity First Responder Credentialing Program

22 June 2021
New White Paper: Leveraging ISA 62443-3-2 For Automation and Control Systems Cybersecurity Risk Assessment and Risk Related Strategies

15 June 2021
ISA Global Cybersecurity Alliance and admeritia Announce Top 20 Secure PLC Coding Practices Document

1 June 2021
ISA and MBI Join Forces to Answer High Demand for Industrial Cybersecurity Training in Germany

20 May 2021
ISA Global Cybersecurity Alliance Members Selected to Serve on Expert Panel Appointed by the Cyber Security Agency of Singapore

27 January 2021
ISA Global Cybersecurity Alliance Sets Priorities for 2021

18 November 2020
ISA Global Cybersecurity Alliance Appoints Advisory Board Leadership

12 November 2020
ISA Global Cybersecurity Alliance Welcomes Eight New Founding Members

27 October 2020
New Cybersecurity Guide: ISAGCA Introduces an Overview of Security Lifecycles in the ISA/IEC 62443 Series of Standards

15 September 2020
New ISA/IEC Standard Provides Auditable Approach to Assessing Cybersecurity Risk

18 March 2020
New Guide to Cybersecurity Standards: ISAGCA Introduces an Overview of the ISA/IEC 62443 Series

14 January 2020
ISA Global Cybersecurity Alliance Kicks Off 2020 with Priority Projects and Expanded Membership

25 July 2019
ISA Announces First Founding Members of ISA Global Cybersecurity Alliance  

10 July 2019 New ISA Global Cybersecurity Alliance Accelerates Education, Readiness, and Knowledge Sharing  


ISAGCA in the News

The ISA Global Cybersecurity Alliance is garnering attention from every corner of the world. Featured in more than 2,200 publications in 30 countries, the ISAGCA and the ISA/IEC 62443 series of standards continue to make an impact in the media. Here are a few examples: 

12 March 2021
Strengthening the IT security posture in corporates and industrials
McKinsey & Company

March 2021
After Oldsmar: How vulnerable is US critical infrastructure?
TechTarget

3 February 2021
ISA Global Cybersecurity Alliance lists 2021 agenda, to focus on ISA/IEC 62443 standards
Industrial Cyber

November/December 2020
Cybersecurity standards hit their stride
InTech Magazine

24 August 2020
CISO Conversations: Understanding ISA/IEC 62443
Dark Reading

4 March 2020
The Cyber Threats Are Real – We’ve Got to Be Ready
Arabian Industry

16 January 2020 ISA Global Cybersecurity Alliance Triples Membership Info Security, United States

20 November 2019 New ISA Global Cybersecurity Alliance reduces threats through collaboration Enterprise Channels MEA, United Arab Emirates  

20 November 2019 Effective cybersecurity is a team sport Control Global, United States  

18 November 2019 ISA Cybersecurity Standards in Smart Cities: ARC Smart City Podcast ARC Viewpoints Blog Sites, United States  

14 November 2019 Is cybersecurity embedded in your organisation? Engineering News, South Africa  

31 October 2019 Triconex and Foxboro user group meetings in Austin for Schneider Electric’s Processes The Statesman Examiner - FinancialContent, United States  

28 October 2019 Certification Emphasizes Cybersecurity of Schneider Electric’s Processes Press Releases - Digital Journal, Canada  

23 October 2019 Cybersecurity experts offer best practices Control Global, United States  

17 October 2019 Schneider Eectric inAugusturates digital transformation of smart distribution centre in Brazil MEP Middle East, United Arab Emirates  

15 October 2019 Creating a More Secure Digital Ecosystem By Connecting The Dots Industrial Automation Asia, Singapore  

9 October 2019 Cybersecurity Alliance Helps Reduce Threats Through Collaboration Nutesla - The Informant, Italy  

19 September 2019 Interview: What will ISA's Global Cybersecurity Alliance actually do? Tech Wire Asia, United Kingdom  

18 September 2019 ISA Forms ISAGCA to Promote ISA 62443 Cybersecurity Standard ARC Viewpoints Blog Sites, United States  

12 September 2019 Rockwell announced as founding member of ISA Global Cybersecurity Alliance Controls, Drives & Automation, United Kingdom 

3 September 2019
ISA Global Cybersecurity Alliance: Schneider Electric membro fondatore Information Technology

Intelligent Software, Italy  

22 August 2019 Honeywell Advances Cybersecurity Efforts as Founding Member of New ISA Alliance BISInfotech, India

20 August 2019 Advancing cybersecurity efforts to enhance the development and adoption of cybersecurity standards ELE Times, India  

16 August 2019 ISA Global Cybersecurity Alliance Welcomes Schneider Electric As a Founding Member Digital Journal, Canada  

16 August 2019 ISA Global Cybersecurity Alliance Welcomes Schneider Electric As a Founding Member Boston Herald - FinancialContent, United States  

14 August 2019 Cybersecurity Concerns Could be Cause for IoT Pause – RTInsights RT Insights, United States

14 August 2019 ISA Global Cybersecurity Alliance Welcomes Schneider Electric as founding member Data Economy, United Kingdom

6 August 2019 Schneider Electric joins ISA Global Cybersecurity Alliance Trade Arabia, Bahrain  

5 August 2019
Honeywell joins ISA Global Cybersecurity Alliance
Homeland Preparedness News, United States  


The Cybersecurity Advocate Archives

Review past issues of The Cybersecurity Advocate, the official newsletter of the ISA Global Cybersecurity Alliance.

March 2021

December 2020

August 2020

April 2020


Updates from Affiliated Organizations


Members

PAS
xage security
Wallix
Bayshore
Supporting Member - senhasegura
radiflow
exida
Munio Security
Digital Immunity
tripwire
INL - Idaho National Laboratory
TDI ConsoleWorks
Eaton
KPMG
Surge Engineering
Petronas
UL logo
Idaho State University logo
Johns Manville
Red Trident logo
Xylem logo
Coontec Logo
Cyphy Defense Logo

Join the Movement: Contact ISA to Learn More

Let’s talk about how your company or organization can join us—contact Rick Zabel at rzabel@isa.org or +1 919 990 9233. Press and media should contact ISA’s Director of Marketing and Communications, Jennifer Halsey, at jhalsey@isa.org or +1 919 990 9287.  

LEARN MORE!