Leveraging ISA/IEC 62443 to safe industrial operations is simpler than you suppose


To many individuals, the ISA99/IEC 62443 industrial safety normal is sort of a New Yr’s decision: You understand it’ll convey you nice advantages, so that you begin engaged on it, however you ultimately surrender as a result of it appears complicated or different priorities come up. But it surely actually shouldn’t be like that. Let me clarify why.

Industrial networks and important infrastructures have turn into the brand new playground for cyber criminals. Whether or not you run international manufacturing operations, an area water utility, an influence grid community or only a small industrial plant in the midst of nowhere, you’re eligible for a cyber assault. What can be the consequence? Manufacturing halts, lack of income, damaged industrial gear, injury to the atmosphere, and even injured workers. Nothing else needs to be greater in your precedence listing than securing your industrial operations.

The Worldwide Society of Automation (ISA) and the Worldwide Electrotechnical Fee (IEC) have developed the ISA99/IEC 62443 sequence of requirements. It’s a framework to implement industrial cybersecurity greatest practices step-by-step and drive steady enchancment. The sequence covers many elements, however the important thing half is ISA/IEC 62443-3-3, which describes the safety capabilities it is best to implement.

Some would possibly suppose that ISA/IEC 62443-3-3 is just suited to manufacturing operations, however most of its safety necessities apply to all business verticals. Moreover, the ISA and IEC at the moment are engaged on creating profiles for particular industries, so no matter you implement as we speak will probably be leveraged tomorrow to adjust to a extra thorough listing of necessities.

To drive you thru the ISA/IEC 62443-3-3, my colleagues Andrew McPhee and Maik Seewald have written a quick and detailed white paper itemizing all safety necessities and how one can comply. The primary key takeaway is that by leveraging Cisco’s complete industrial networking and cybersecurity portfolio, implementing the usual couldn’t be simpler.

For instance, the ISA/IEC 62443-3-3 highlights the crucial of controlling entry to sources and limiting communications by imposing the least privilege precept that grants customers and units solely the rights they should carry out their duties. In a nutshell, asset identification, consumer authentication, and micro-segmentation are a should to cut back the publicity of the commercial management system (ICS) to cyberthreats and restrict the unfold of assaults.

Utilizing Cisco Id Companies Engine (ISE) along with Cisco Cyber Imaginative and prescient, Safe Firewall, and Duo, industrial organizations can simply implement this zero-trust method to their OT networks. These merchandise have been designed and examined collectively to allow seamless workflows and out-of-the-box integration. I instructed you it didn’t must be complicated!

On November 10, 2022, Andrew and Maik will current a webinar explaining the ISA/IEC 62443-3-3 and its safety necessities. Register now and make sure to attend to study capabilities you may be lacking as we speak and how one can simply implement them.

As a follow-up to this overview, we’ll see how one can implement micro-segmentation in industrial networks in a second webinar. On December 6, 2022, we’ll dive into the ISA/IEC 62443 zones and conduits mannequin and present you ways Cisco ISE and Cyber Imaginative and prescient can implement OT micro-segmentation. Register right here.

Securing industrial operations additionally means leveraging IT safety instruments and processes. On December 15, the webinar closing the sequence will talk about how one can prolong IT safety to industrial operations so safety analysts can examine and remediate threats throughout each IT and OT domains. Register right here.

Till then, take a look at our ISA/IEC 62443-3-3 white paper and be sure you subscribe to our Industrial Safety E-newsletter.



Leave a Reply

Your email address will not be published. Required fields are marked *