Standards documents, like IEC62443, are long and specialized. And even if the end user were to read the entire standard, inspecting the product for adherence to the standard is not a trivial process. So, how can end users hope to have confidence when purchasing products with standards-based cybersecurity?
Enter conformity certification...
ISA’s automation standards reflect the collective expertise of countless risk management and safety professionals. When implemented fully, they vastly improve an organization’s ability to prevent, mitigate, and build resilience against a constant onslaught of damaging cyber and physical hazards. Imperfect compliance processes, budget and time restrictions, and a lack of security skill and technical know-how have made leveraging that expertise a daunting task for many...
Having attended numerous conferences hosted by different industry groups over the past few years, I have found that the conversations are frequently muddled, lacking structure, and without a generally accepted paradigm for establishing context—with the exception of interchanges with a few subject-matter experts (SMEs) at the top of their game. The most frustrating dynamic is the lack of context. For example, I reviewed a recent industry group study about industrial automation and...
Before charging into the challenges of 2015, the ISA Security Compliance Institute (ISCI) would like to take a few moments to reflect on 2014 accomplishments and significant events affecting ISASecure. 2014 was a busy year for ISCI, highlighted by dedication and hard work from volunteer members, resulting in a number of noteworthy milestones.