Building a Resilient World:
The ISAGCA Blog

Welcome to the official blog of the ISA Global Cybersecurity Alliance (ISAGCA).

This blog covers topics on automation cybersecurity such as risk assessment, compliance, educational resources, and how to leverage the ISA/IEC 62443 series of standards.

The material and information contained on this website is for general information purposes only. ISAGCA blog posts may be authored by ISA staff and guest authors from the cybersecurity community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

All Posts

Guide to Security Lifecycles in the ISA/IEC 62443 Series of Standards

The ISA Global Cybersecurity Alliance (ISAGCA) has officially released a new guide to the security lifecycles outlined in the ISA/IEC 62443 series of standards and technical reports. ISA/IEC 62443 is the world’s only consensus-based series of automation cybersecurity standards.

Security Lifecycles in the ISA/IEC 62443 Series: Security of Industrial Automation and Control Systems,” now available for download by filling out the form at isa.org/securitylifecycles, provides a high-level overview of the two security lifecycles: the product security lifecycle and the automation solution security lifecycle. The guide defines principal roles and responsibilities in industrial automation and control systems (IACS), and it explores how to apply specific standards documents to each phase within the security lifecycles.

isagca-security-lifecycles-whitepaper-cover

This new guide answers some of the most common questions about security lifecycles in the ISA/IEC 62443 standards, including:

  • How can various roles share the responsibility of IACS cybersecurity?
  • What are the differences between the product security lifecycle and the automation solution security lifecycle?
  • Who should be accountable for cyber risk?
  • How does an organization maintain effective, resilient IACS cybersecurity?

One of ISAGCA’s goals is to encourage the wide adoption of the ISA/IEC 62443 series. ISAGCA’s Training and Education work group coordinated the development of this guide, which was authored by Johan Nye and reviewed by the ISA99 committee. Nye is an independent consultant specializing in industrial control systems (ICS) and cybersecurity. During his career spanning more than 38 years, Nye has designed ICS system architectures, created company standards and policies, implemented major ICS projects, supported ICS site engineers, and contributed to the design of several ICS products.

If youd like to download “Security Lifecycles in the ISA/IEC 62443 Series: Security of Industrial Automation and Control Systems,” please visit isa.org/securitylifecycles and fill out the form to indicate your interest. We’ll send you a link to a .pdf file of the guide that you can download or print out and share with your team.

Kara Phelps
Kara Phelps
Kara Phelps was the content manager for ISA from 2019-2021.

Related Posts

The Role of AI in Whistleblower Identity Protection and Incident Reporting

Whistleblowers uphold transparency and ethics across various sectors. Shedding light on misconduct helps ...
Devin Partida Feb 20, 2024 8:00:00 AM

7 Tips for Fraud Prevention for Multinational Companies

Fraud prevention is crucial for multinational companies as it safeguards their assets and ensures the tru...
Zac Amos Feb 13, 2024 8:00:00 AM

AI Revolution in OT Cybersecurity: Pen Testing and Forensics Unleashed

Introduction In the realm of cybersecurity, the significance of penetration testing and digital forensics...
Mohannah AlRasan Feb 6, 2024 1:49:21 PM