Building a Resilient World:
The ISAGCA Blog

Welcome to the official blog of the ISA Global Cybersecurity Alliance (ISAGCA).

This blog covers topics on automation cybersecurity such as risk assessment, compliance, educational resources, and how to leverage the ISA/IEC 62443 series of standards.

The material and information contained on this website is for general information purposes only. ISAGCA blog posts may be authored by ISA staff and guest authors from the cybersecurity community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

Read More

Guide to Security Lifecycles in the ISA/IEC 62443 Series of Standards

Read More

Categories Arrow

All Posts

Guide to Security Lifecycles in the ISA/IEC 62443 Series of Standards

The ISA Global Cybersecurity Alliance (ISAGCA) has officially released a new guide to the security lifecycles outlined in the ISA/IEC 62443 series of standards and technical reports. ISA/IEC 62443 is the world’s only consensus-based series of automation cybersecurity standards.

Security Lifecycles in the ISA/IEC 62443 Series: Security of Industrial Automation and Control Systems,” now available for download by filling out the form at isa.org/securitylifecycles, provides a high-level overview of the two security lifecycles: the product security lifecycle and the automation solution security lifecycle. The guide defines principal roles and responsibilities in industrial automation and control systems (IACS), and it explores how to apply specific standards documents to each phase within the security lifecycles.

isagca-security-lifecycles-whitepaper-cover

This new guide answers some of the most common questions about security lifecycles in the ISA/IEC 62443 standards, including:

  • How can various roles share the responsibility of IACS cybersecurity?
  • What are the differences between the product security lifecycle and the automation solution security lifecycle?
  • Who should be accountable for cyber risk?
  • How does an organization maintain effective, resilient IACS cybersecurity?

One of ISAGCA’s goals is to encourage the wide adoption of the ISA/IEC 62443 series. ISAGCA’s Training and Education work group coordinated the development of this guide, which was authored by Johan Nye and reviewed by the ISA99 committee. Nye is an independent consultant specializing in industrial control systems (ICS) and cybersecurity. During his career spanning more than 38 years, Nye has designed ICS system architectures, created company standards and policies, implemented major ICS projects, supported ICS site engineers, and contributed to the design of several ICS products.

If youd like to download “Security Lifecycles in the ISA/IEC 62443 Series: Security of Industrial Automation and Control Systems,” please visit isa.org/securitylifecycles and fill out the form to indicate your interest. We’ll send you a link to a .pdf file of the guide that you can download or print out and share with your team.
Kara Phelps
Kara Phelps
Kara Phelps is the communications and public relations manager for ISA.

    Recent Posts

    Fuel Your Automation Career with ISA Self-Paced Modular Training

    Related Posts

    Reasons to Prioritize the 2025 ISA OT Cybersecurity Summit

    As operational technology (OT) environments grow increasingly complex and interconnected, the cybersecuri...
    Kara Phelps May 7, 2025 11:30:00 AM

    Understanding the Dark Web's Role in Industrial Cyber Threats

    As industrial systems become increasingly connected, the risks to OT (operational technology) and ICS (in...
    Sushil Dahiya Apr 4, 2025 7:00:00 AM

    New Resource: Comparison of ISA/IEC 62443-4-1 and NIST SP 800-218, Secure Software Development Framework

    The ISA Global Cybersecurity Alliance (ISAGCA) and ISASecure® have published a document comparing the ISA...
    Kara Phelps Mar 28, 2025 12:00:00 PM

    The International Society of Automation (ISA) is a non-profit professional association founded in 1945 to create a better world through automation. ISA advances technical competence by connecting the automation community to achieve operational excellence and is the trusted provider of standards-based foundational technical resources, driving the advancement of individual careers and the overall profession. ISA develops widely used global standards; certifies professionals; provides education and training; publishes books and technical articles; hosts conferences and exhibits; and provides networking and career development programs for its members and customers around the world.


    The material and information contained on this website is for general information purposes only. ISA blog posts may be authored by ISA staff and guest authors from the automation community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

    We're on social media. Keep in touch!

    © 2025 International Society of Automation. All rights reserved.