Building a Resilient World:
The ISAGCA Blog

Welcome to the official blog of the ISA Global Cybersecurity Alliance (ISAGCA).

This blog covers topics on automation cybersecurity such as risk assessment, compliance, educational resources, and how to leverage the ISA/IEC 62443 series of standards.

The material and information contained on this website is for general information purposes only. ISAGCA blog posts may be authored by ISA staff and guest authors from the cybersecurity community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

Read More

Improving Operational Technology (OT) Cybersecurity Through the ISAGCA

Read More

Categories Arrow

All Posts

Improving Operational Technology (OT) Cybersecurity Through the ISAGCA

At this moment, we as a society are witnessing how crucial supply chains, manufacturing, and critical infrastructure are to the smooth running of modern civilization. The global pandemic crystallizes the importance of critical infrastructure to everyday citizens, who, in the past, may have taken for granted what it takes to keep consumer goods hitting store shelves or ample medical equipment humming in hospitals. But those of us who work in the industrial world have long understood the role our critical infrastructure plays in maintaining civil health and safety, both in times of crisis and in calm.

This is why the International Society of Automation (ISA) has taken such a keen interest in helping all of us stakeholders in industrial control systems to improve the state of our cybersecurity for operational technology (OT). Cybersecurity awareness and readiness plays a vital role in the sustainability and resilience of critical infrastructure environments. Last year, ISA started the ISA Global Security Alliance (ISAGCA), intending to raise the bar on OT cybersecurity.

With the help of founding member companies from across the industrial control systems ecosystem, including vendors, end-users, systems integrators, solution providers, and cybersecurity companies like the one I work for (Dragos), ISAGCA is making OT cybersecurity progress on many important fronts. This post is the start of a blog series on the major topics the ISAGCA has undertaken in 2020. The next post will address the traditional information technology (IT) person’s perspective as they are immersed into an OT environment. Finally, we will cover the objectives of IT and OT cybersecurity. We will discuss where they intersect, tools they might use, what collaboration looks like, and most importantly, what IT/OT convergence really means.

Here's how the ISA Global Cybersecurity Alliance plans to make a difference in 2020 and beyond:

Fostering Collaboration

With a roster of more than 30 multinational industrial-technical providers and other key stakeholders, ISAGCA has established itself as a facilitator for important industry-wide collaboration and a conduit for communication focused solely on OT cybersecurity issues.

Developing and Revising Standards

As a leader in standards development for management and safety in modern automation and control systems, ISA has a lot of experience building consensus around best practices and more. In the run-up to the establishment of ISAGCA, ISA and the International Electrotechnical Commission (IEC) developed the ISA/IEC 62443 Series of Standards, which lays out requirements, procedures, and assessment practices for securing automation and industrial control systems. (Note: a "Quick Start Guide" to this series has been made available for download.) ISAGCA will help facilitate further refinement of standards like these and the development of others as the alliance identifies future needs. 

Sharing Knowledge

The rich tapestry of expertise and resources that span across ISAGCA membership makes the group a hub for effective sharing of information and tools that can help all critical infrastructure stakeholders stay a step ahead of threats targeting the facilities, processes, communities, and industries they support. For example, Dragos will bring its years of cybersecurity expertise to the table to collaborate with ISAGCA members to develop tools for industrial asset owners to better manage their cybersecurity lifecycle. This is one of many initiatives on the horizon.

Building Awareness

The core mission of ISAGCA is to build awareness and extend education on OT cybersecurity across the automation and industrial control ecosystem. The thought leaders across the alliance membership roster have been hard at work developing content and educational material to support our first Cybersecurity Standards Implementation Conference. Initially slated for May, we've had to postpone due to the coronavirus. In the meantime, we are exploring some virtual options to share some of the content with users as we go into the summer months. We'll keep everyone apprised of the situation, but rest assured this will be a great first offering to learn about important subjects, including resilient system design, risk assessment and prioritization, industry/organization change management, and more.

As we move ahead in 2020, consider looking here at the ISAGCA blog for more educational blogs to learn how to get started advancing OT cybersecurity. As we said previously, this is just the first blog in a series. Stay tuned for plenty of essential pointers in the months to come.
Joshua Carlson, Dragos
Joshua Carlson, Dragos
Joshua Carlson is the senior business development manager at Dragos.

    Recent Posts

    Astronaut on a rocket

    Related Posts

    How to Secure Machine Learning Data

    Data security is paramount in machine learning, where knowledge drives innovation and decision-making. Th...
    Zac Amos Mar 12, 2024 11:10:47 AM

    Fortifying Your Security Arsenal: A Strategic Approach to Safeguarding OT Security Assets from Adversarial Threats

    Introduction Despite investing significant budgets and resources in security products and services. The c...
    Mohannad AlRasan Mar 5, 2024 9:17:57 AM

    Why Collaboration Is Essential for Cybersecurity Teams

    Today’s cybersecurity workforce faces seemingly insurmountable workloads and increasing pressure to manag...
    Zac Amos Feb 27, 2024 10:40:13 AM

    The International Society of Automation (ISA) is a non-profit professional association founded in 1945 to create a better world through automation. ISA advances technical competence by connecting the automation community to achieve operational excellence and is the trusted provider of standards-based foundational technical resources, driving the advancement of individual careers and the overall profession. ISA develops widely used global standards; certifies professionals; provides education and training; publishes books and technical articles; hosts conferences and exhibits; and provides networking and career development programs for its members and customers around the world.


    The material and information contained on this website is for general information purposes only. ISA blog posts may be authored by ISA staff and guest authors from the automation community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

    We're on social media. Keep in touch!

    © 2024 International Society of Automation. All rights reserved.