Home >ISA & the Automation Federation seek to reduce industrial cyber attack risks
ISA & the Automation Federation seek to reduce industrial cyber attack risks
05 June 2017
Industrial cybersecurity experts of the International Society of Automation (ISA), the Automation Federation (ISA’s umbrella organisation), and the US and UK governments, and global business leaders recently gathered in London to share common experiences and consider strategies to combat common threats.
The one-day meeting was co-sponsored by the Automation Federation and TechUK (an association of more than 950 member companies in the UK) at the request of the British government and the US Department of Homeland Security. The objective of the gathering was to examine operational technology/Industrial Internet of Things (IIoT) cybersecurity challenges facing both the US and the UK. Meeting speakers and participants discussed shared experiences and obstacles and explored potential opportunities for collaboration.
Douglas Maughan, Cyber Security Division Director within the US Department of Homeland Security, Science and Technology Directorate (S&T), explained in his presentation how industry and government within both countries can work together to improve industrial cybersecurity defenses.
Also presenting and participating were: Steve Mustard, an independent automation consultant and industrial cybersecurity subject-matter expert of ISA and the Automation Federation; James Keaveney, 2016 ISA President and 2017 Chairman of the Automation Federation; and Andre Ristaino, Managing Director of the ISA Security Compliance Institute.
Mustard pointed to ISA’s series of industrial automation and control system (IACS) security standards— adopted internationally as ISA/IEC 62443—as a flexible framework for preventing and limiting potentially devastating cyber damage to the industrial systems and networks used in critical infrastructure and other industrial environments.
Developed by leading international cybersecurity experts from industry, government and academia, ISA/IEC 62443 addresses industrial cybersecurity vulnerabilities across all key industry sectors and is regarded as the world’s only consensus-based series of IACS security standards.
Keaveney provided an overview of ISA’s integrated range of standards-based industrial cybersecurity training courses and related certificate programs. ISA has harnessed the ISA/IEC 62443 standards to develop a comprehensive set of industrial cybersecurity training courses and aligned certificate programs—covering the complete lifecycle of IACS assessment, design, implementation, operations and maintenance. ISA’s cybersecurity certificate programs are open to those who successfully complete the requirements of ISA’s related cybersecurity courses.
Ristaino, in a panel discussion, provided an overview of the ISA Security Compliance Institute (ISCI). ISCI manages the ISASecure™ conformance certification program, which ensures that control systems conform to relevant ISA/IEC 62443 cybersecurity standards and that IACS products and systems are robust against network attacks and free from known vulnerabilities.
Prior to the meeting, ISA and Automation Federation representatives also attended and participated in the “Global Cybersecurity Innovation Summit,” which was presented by the Security Innovation Network (SINET) and co-sponsored by the British government and the US Department of Homeland Security, S&T. The focus of the summit was to help foster a more cohesive, worldwide cybersecurity community and accelerate innovation through collaboration.