Royal Dutch Shell plc joins the ISA Security Compliance Institute in support of the ISASecure® Cybersecurity Conformance Scheme
Shell’s inclusion as a technical member provides vital input of energy sector leader, enhances relevancy of the ISASecure program
Research Triangle Park, North Carolina, USA (24 October 2019) – The ISA Security Compliance Institute (ISCI) announced today that Royal Dutch Shell plc has joined ISCI as technical member in support of the ISASecure® Cybersecurity Conformance Scheme.
The ISASecure certification program, developed by ISCI, is an industry-led program composed of the leading stakeholders in the process industry. It assesses IAC products and systems to ensure they are robust against network attacks, free from known vulnerabilities, and meet the security capabilities defined in the ISA/IEC 62443 standards.
A key differentiator of the ISASecure program is its inclusion of end users in its certification development process. End user members directly contribute to ISASecure certification development, ensuring their needs are reflected in the certification requirements.
“Business drivers, such as digitalization and IIOT, are seeking to extract ever increasing amounts of value from our industrial automation and control systems,” says Mark Duck, Principal Technical Expert, ICS Security, Shell. “This in turn, results in more integration between the automation systems and business systems, including cloud-based business systems, which increases cybersecurity risk. The industry must find ways to systematically improve the security posture of these automation systems and simultaneously meet these new business requirements. Shell uses the ISA/IEC 62443 standard internally and recognizes the value of the ISASecure product security certification process to ensure end users, like Shell, are buying products with verified security capabilities and robustness. Shell is also supporting initiatives such as The Open Group Open Process Automation Forum (OPAF) which has selected the ISA/IEC 62443 industrial cybersecurity standard. OPAF has, in turn, partnered with ISASecure to leverage the certification processes offered by ISASecure based on the ISA/IEC 62443 standard. Shell recognizes the synergy in this approach and is pleased to provide support and the opportunity to influence the resulting requirements and standards.”
“We are very pleased to welcome Shell as a technical member of ISCI,” says Andre Ristaino, ISCI managing director. “As an international energy company and industry leader, Shell is committed to providing energy solutions safely and securely. Their expertise and experience will strengthen the ISASecure conformance and certification program and enhance its global reputation in the energy sector for protecting industrial automation and control products and systems from security vulnerabilities.”
ISASecure Program Overview
The ISASecure Certification Program was the first standards-based program for control systems and the first to offer certifications to ISA/IEC 62443, the world’s only consensus-based series of industrial cybersecurity standards. It is the most referenced ISA/IEC 62443 control system certification scheme in the world.
ISASecure delivers:
- The Assurance of 360° Certification and Ongoing Security Assessments, Security Lifecycle Audits and Testing
- Cyber-Incident Response Plans
- Accredited, Independent Certification Bodies (CBs/labs)
- An Unbiased, industry-driven Approach
- Transparency
About Shell
Shell is an international energy company with expertise in the exploration, production, refining and marketing of oil and natural gas, and the manufacturing and marketing of chemicals.
Our strategy is to strengthen our position as a leading energy company by providing oil and gas and low-carbon energy as the world's energy system changes. We seek to meet the world’s growing need for more and cleaner energy solutions in ways that are economically, environmentally and socially responsible. Safety and social responsibility are fundamental to our business approach.
Our operations are divided into our businesses: Upstream, Integrated Gas and New Energies, Downstream. Our Projects & Technology organisation manages the delivery of Shell’s major projects and drives our research and innovation.
Royal Dutch Shell was formed in 1907, although our history can be traced back to the first half of the 19th century. Our headquarters are in The Hague, the Netherlands. The parent company of the Shell group is Royal Dutch Shell plc, which is incorporated in England and Wales.
About the ISA Security Compliance Institute (ISCI)
Founded in 2007, the ISA Security Compliance Institute’s mission is to provide the highest level of assurance possible for the cyber security of industrial automation control systems (IACS).
The Institute was established by thought leaders from major organizations in the industrial automation controls community seeking to improve the cyber security posture of critical Infrastructure for generations to come. ISCI Members include Chevron, ExxonMobil, Shell, Aramco Services, Honeywell, Schneider Electric, Yokogawa, exida, Codenomicon, CSSC, and IPA-Japan.
The Institute’s goals are realized through industry standards compliance programs, education, technical support, and improvements in suppliers’ development processes and users’ life cycle management practices. The ISASecure® designation ensures that IACS products conform to industry consensus cyber security standards such as IEC 62443, providing confidence to users of ISASecure products and systems and creating product differentiation for suppliers conforming to the ISASecure specification. www.isasecure.org
ISASecure® is a registered trademark of the ISA Security Compliance Institute.
ISCI press contacts:
Andre Ristaino
919-990-9222
Michael Brazda
919-990-9227