Train with Henry Kister – Practical Distillation Technology

12–14 Oct, London
News & Events

ISASecure® Announces Site Assessment Program for OT Cybersecurity

First-of-its-kind program aims to demonstrate operating site compliance with the international standard ISA/IEC 62443

Listen to this article

Durham, NC, February 7, 2023 – Today, the International Society of Automation (ISA), along with the ISA Security Compliance Institute (ISCI), has announced its intention to create an all-new conformity assessment scheme for automation systems deployed at operating sites—a critical and long overdue addition to the landscape of operational technology (OT) cybersecurity solutions.

Based on the world’s only consensus-based automation and control systems cybersecurity standards—ISA/IEC 62443—the OT cybersecurity site assessment scheme will apply to all types of automation and control systems in industries ranging from traditional process industries to critical infrastructure such as oil and gas, chemicals, and water/wastewater.

Suppliers have broadly adopted the leading international standard for OT cybersecurity, ISA/IEC 62443, as well as its certification scheme, ISASecure, for commercial off-the-shelf (COTS) automation and control system products and supplier’s security development practices. ISASecure recently released an IIOT component and gateway certification program (ICSA) to remain current with new technology advances. However, asset owners and plant managers have yet to coalesce around a single cybersecurity assessment scheme for OT deployed at operating sites, relying instead upon a patchwork of third-party specifications that may not promote industrial control system (ICS) security best practices, leaving operating sites vulnerable.

“The proposed siteassessment scheme will have a critical role in the OTcybersecurity landscape—the automation systems at the operating site itself,” said Brandon Price, ExxonMobil Senior Principal Engineer for ICS Cybersecurity and current ISCI Board Chairman. “This standards-based program is unique, and we anticipate it will become the global standard used by operating sites, certification bodies, internal auditors, and public policy makers.”

The program will encourage the broad industry adoption of the ISA/IEC 62443 operating site cybersecurity standards and best practices. ISA and ISCI plans include building and overseeing a related training and credentialing program for site assessors. ISA and other training organizations already offer training for the ISA/IEC 62443 operating site standards.

“We are inviting companies who are interested in supporting and promoting this program to participate; particularly end-users whose support is critical to this program’s success. Supporters may participate in specification development, provide funding, or simply provide public support,” said Andre Ristaino, Managing Director of ISA Consortia and Conformity Assessment Programs.

“We anticipate a development schedule of 12-14 months and expect to formally launch the program in Q4 2023 or early 2024,” said Ristaino.

To learn more and to get involved, visit https://isasecure.org/isasecure-site-assessment-0.

An informational webinar will also be held on 28 February at 11 am Eastern – to register, visit https://register.gotowebinar.com/register/8957191695766506073.

Show More

    Would you like further information about this article?

    Add your details below and we'll be in touch ASAP!


    Input this code: captcha

    Phil Black - PII Editor

    I'm the Editor here at Process Industry Informer, where I have worked for the past 17 years. Please feel free to join in with the conversation, or register for our weekly E-newsletter and bi-monthly magazine here: https://www.processindustryinformer.com/magazine-registration. I look forward to hearing from you!
    Back to top button

    Join 25,000 process industry specialists and subscribe to:

    PII has a global network of suppliers ready to help...