Building a Resilient World:
The ISAGCA Blog

Welcome to the official blog of the ISA Global Cybersecurity Alliance (ISAGCA).

This blog covers topics on automation cybersecurity such as risk assessment, compliance, educational resources, and how to leverage the ISA/IEC 62443 series of standards.

All Posts

Guide to Security Lifecycles in the ISA/IEC 62443 Series of Standards

The ISA Global Cybersecurity Alliance (ISAGCA) has officially released a new guide to the security lifecycles outlined in the ISA/IEC 62443 series of standards and technical reports. ISA/IEC 62443 is the world’s only consensus-based series of automation cybersecurity standards.

Security Lifecycles in the ISA/IEC 62443 Series: Security of Industrial Automation and Control Systems,” now available for download by filling out the form at isa.org/securitylifecycles, provides a high-level overview of the two security lifecycles: the product security lifecycle and the automation solution security lifecycle. The guide defines principal roles and responsibilities in industrial automation and control systems (IACS), and it explores how to apply specific standards documents to each phase within the security lifecycles.

isagca-security-lifecycles-whitepaper-cover

This new guide answers some of the most common questions about security lifecycles in the ISA/IEC 62443 standards, including:

  • How can various roles share the responsibility of IACS cybersecurity?
  • What are the differences between the product security lifecycle and the automation solution security lifecycle?
  • Who should be accountable for cyber risk?
  • How does an organization maintain effective, resilient IACS cybersecurity?

One of ISAGCA’s goals is to encourage the wide adoption of the ISA/IEC 62443 series. ISAGCA’s Training and Education work group coordinated the development of this guide, which was authored by Johan Nye and reviewed by the ISA99 committee. Nye is an independent consultant specializing in industrial control systems (ICS) and cybersecurity. During his career spanning more than 38 years, Nye has designed ICS system architectures, created company standards and policies, implemented major ICS projects, supported ICS site engineers, and contributed to the design of several ICS products.

If youd like to download “Security Lifecycles in the ISA/IEC 62443 Series: Security of Industrial Automation and Control Systems,” please visit isa.org/securitylifecycles and fill out the form to indicate your interest. We’ll send you a link to a .pdf file of the guide that you can download or print out and share with your team.

Kara Phelps
Kara Phelps
Kara Phelps was the content manager for ISA from 2019-2021.

Related Posts

Cybersecurity Investment Tax Credits

Cyberattacks continue to grow worldwide, which has increased awareness and concern about utilities, indus...
Bill Lydon Nov 30, 2021 5:30:00 AM

IEC Designates ISA/IEC 62443 as a Horizontal Standard

The International Society of Automation (ISA) and the ISA Global Cybersecurity Alliance (ISAGCA) are prou...
Steven Aliano Nov 23, 2021 5:30:00 AM

Architecture vs. Design

Many Operational Technology (OT) projects start with identifying the requirements and then diving straigh...
Achal Lekhi Nov 16, 2021 5:30:00 AM