FIND OUT MORE

ISAGCA Updates

11 January 2022
New White Paper: Implementing an Industrial Cybersecurity Program for Your Enterprise

RESEARCH TRIANGLE PARK, N.C. (11 January 2022)—The International Society of Automation (ISA) and the ISA Global Cybersecurity Alliance (ISAGCA), with contributing author Gary Rathwell, have released a new white paper entitled, “Implementing an Industrial Cybersecurity Program for Your Enterprise.”

ISA/IEC 62443 provides powerful tools to reduce the risk of financial, reputational, human, and environmental impact from cyber-attacks on Industrial Automation and Control Systems (IACS). ISA/IEC 62443 has been categorized as a “horizontal standard” by the International Electrotechnical Committee (IEC), validating its applicability for a wide range of industries. Any specific company is likely to find that while most of the standard applies to their IACS, parts of it may not. For example, some “normative requirements” that are appropriate for an interstate pipeline, may not be relevant to a chemical plant or a discrete manufacturing facility. There are also obvious differences between a large-scale corporation with many sites and thousands of employees, and a small company with a few dozen staff.

It is therefore recommended that each company establishes their own IACS Cybersecurity Program to manage cybersecurity risks, and ISA/IEC 62443 2-1 provides guidance on how to establish such a security program for IACS asset owners.

The white paper is intended to summarize the guidance from the series of standards and address the specific needs of owner/operators of industrial facilities. The paper covers the following topics:

1. What is an IACS cybersecurity program?
2. Preparing an IACS cybersecurity program
3. How does an IACS cybersecurity program relate to IT cybersecurity?
4. Costs and benefits of an IACS cybersecurity program
5. What to do next

“Creating an IACS cybersecurity program is approachable, and companies should be working with their vendors and partners to build such a program if they don’t already have one in place,” said contributing author Gary Rathwell. “This paper gives a foundation for building a program, and there is no time to waste for companies and organizations looking for protection from, and mitigation of, cyber incidents.”

The white paper is available to download here.

In the coming months, ISAGCA plans to publish additional white papers intended to guide IACS vendors, suppliers of IACS products and services, integration/engineering services, and other stakeholders as they prepare IACS cybersecurity programs within their facilities and operations.

About ISAGCA
The ISA Global Cybersecurity Alliance (ISAGCA) is a collaborative forum of member companies that aim to advance cybersecurity awareness, education, readiness, and knowledge sharing industry-wide, on a global scale. The alliance’s objectives include expanding the development and use of the ISA/IEC 62443 series of standards, knowledge-sharing in an open environment, providing best practice tools to help companies secure their infrastructure, creating education and certification programs, and advocating for cybersecurity awareness and sensible approaches with world governments and regulatory bodies.

About ISAGCA Members
The ISA Global Cybersecurity Alliance is made up of 50+ member companies, representing more than $1.5 trillion in aggregate revenue across more than 2,400 combined worldwide locations. Automation and cybersecurity provider members serve 31 different industries, underscoring the broad applicability of the ISA/IEC 62443 series of standards. Current members of ISAGCA include 1898 & Co. (Burns McDonnell), ACET Solutions, aeSolutions, Baserock IT Solutions, Bayshore, Carrier Global, Claroty, ConsoleWorks, Coontec, CyberOwl, CyPhy Defense, Deloitte, Digital Immunity, Dragos, Eaton, exida, Ford Motor Company, Fortinet, Fortress InfoSec, Honeywell, Idaho National Laboratory, Idaho State University, ISASecure, Johns Manville, Johnson Controls, KPMG, LOGIIC, Mission Secure, MT4 senhasegura, Munio Security, Nova Systems, Nozomi Networks, PAS, PETRONAS, Pfizer, Purdue University, Radiflow, Redacted, Red Trident, Rockwell Automation, Schneider Electric, Surge Engineering, TDI Technologies, Tenable, TI Safe, Tripwire, TXOne Networks, UL, Wallix, WisePlant, Xage Security, and Xylem. For more information about ISAGCA, visit www.isa.org/isagca.

17 November 2021
The International Electrotechnical Commission Designates ISA/IEC 62443 as a Horizontal Standard

14 October 2021
ISAGCA and ISA Security Compliance Institute Release Joint Study on IIoT Product Certifications Based on the ISA/IEC 62443 Standard

7 September 2021
New York Lawmakers Reference ISA/IEC 62443 in New Proposed Bill

10 August 2021
ISAGCA Releases Position Paper on Automation Cybersecurity Requirements in Public Policy

20 July 2021
New White Paper: Applying ISO/IEC 27001/2 and the ISA/IEC 62443 Series for Operational Technology Environments

13 July 2021
ISAGCA and ICS4ICS Announce Cybersecurity First Responder Credentialing Program

22 June 2021
New White Paper: Leveraging ISA 62443-3-2 For Automation and Control Systems Cybersecurity Risk Assessment and Risk Related Strategies

15 June 2021
ISA Global Cybersecurity Alliance and admeritia Announce Top 20 Secure PLC Coding Practices Document

1 June 2021
ISA and MBI Join Forces to Answer High Demand for Industrial Cybersecurity Training in Germany

20 May 2021
ISA Global Cybersecurity Alliance Members Selected to Serve on Expert Panel Appointed by the Cyber Security Agency of Singapore

27 January 2021
ISA Global Cybersecurity Alliance Sets Priorities for 2021

18 November 2020
ISA Global Cybersecurity Alliance Appoints Advisory Board Leadership

12 November 2020
ISA Global Cybersecurity Alliance Welcomes Eight New Founding Members

27 October 2020
New Cybersecurity Guide: ISAGCA Introduces an Overview of Security Lifecycles in the ISA/IEC 62443 Series of Standards

15 September 2020
New ISA/IEC Standard Provides Auditable Approach to Assessing Cybersecurity Risk

18 March 2020
New Guide to Cybersecurity Standards: ISAGCA Introduces an Overview of the ISA/IEC 62443 Series

14 January 2020
ISA Global Cybersecurity Alliance Kicks Off 2020 with Priority Projects and Expanded Membership

25 July 2019
ISA Announces First Founding Members of ISA Global Cybersecurity Alliance  

10 July 2019 New ISA Global Cybersecurity Alliance Accelerates Education, Readiness, and Knowledge Sharing  


The Cybersecurity Advocate Archives

Review past issues of The Cybersecurity Advocate, the official newsletter of the ISA Global Cybersecurity Alliance.

March 2021

December 2020

August 2020

April 2020


Updates from Affiliated Organizations


Join the Movement: Contact ISA to Learn More

Let’s talk about how your company or organization can join us—contact Rick Zabel at rzabel@isa.org or +1 919 990 9233. Press and media should contact ISA’s Director of Marketing and Communications, Jennifer Halsey, at jhalsey@isa.org or +1 919 990 9287.  

LEARN MORE!