Building a Resilient World:
The ISAGCA Blog

Welcome to the official blog of the ISA Global Cybersecurity Alliance (ISAGCA).

This blog covers topics on automation cybersecurity such as risk assessment, compliance, educational resources, and how to leverage the ISA/IEC 62443 series of standards.

The material and information contained on this website is for general information purposes only. ISAGCA blog posts may be authored by ISA staff and guest authors from the cybersecurity community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

Guide to Security Lifecycles in the ISA/IEC 62443 Series of Standards

The ISA Global Cybersecurity Alliance (ISAGCA) has officially released a new guide to the security lifecycles outlined in the ISA/IEC 62443 series of standards and technical reports. ISA/IEC 62443 is the world’s only consensus-based series of automation cybersecurity standards.

“Security Lifecycles in the ISA/IEC 62443 Series: Security of Industrial Automation and Control Systems,” now available for download by filling out the form at isa.org/securitylifecycles, provides a high-level overview of the two security lifecycles: the product security lifecycle and the automation solution security lifecycle. The guide defines principal roles and responsibilities in industrial automation and control systems (IACS), and it explores how to apply specific standards documents to each phase within the security lifecycles.

This new guide answers some of the most common questions about security lifecycles in the ISA/IEC 62443 standards, including:

  • How can various roles share the responsibility of IACS cybersecurity?
  • What are the differences between the product security lifecycle and the automation solution security lifecycle?
  • Who should be accountable for cyber risk?
  • How does an organization maintain effective, resilient IACS cybersecurity?

One of ISAGCA’s goals is to encourage the wide adoption of the ISA/IEC 62443 series. ISAGCA’s Training and Education work group coordinated the development of this guide, which was authored by Johan Nye and reviewed by the ISA99 committee. Nye is an independent consultant specializing in industrial control systems (ICS) and cybersecurity. During his career spanning more than 38 years, Nye has designed ICS system architectures, created company standards and policies, implemented major ICS projects, supported ICS site engineers, and contributed to the design of several ICS products.

If you’d like to download “Security Lifecycles in the ISA/IEC 62443 Series: Security of Industrial Automation and Control Systems,” please visit isa.org/securitylifecycles and fill out the form to indicate your interest. We’ll send you a link to a .pdf file of the guide that you can download or print out and share with your team.

Kara Phelps
Kara Phelps is the communications and public relations manager for ISA.
