The ISA Global Cybersecurity Alliance (ISAGCA) announced the release of a position paper detailing the automation cybersecurity public policy views of the organization and its fifty industry-leading companies.
Recent discussions have surfaced in the United States and other world governments about how to best secure automation and control systems that affect our everyday lives, especially in critical infrastructure. US President Biden issued Executive Order 14028 on May 12, 2021, addressing securing automation in critical infrastructure; and the ISA Global Cybersecurity Alliance submitted a formal response.
ISAGCA and its member companies hope the executive order and other measures will encourage those who support the nation’s critical infrastructure to develop and implement automation cybersecurity capabilities to protect and secure technologies that impact our daily lives.
ISAGCA member companies and thought leaders have a long history of adopting a standards-based approach for securing automation products and operating sites based on the ISA/IEC 62443 series of international cybersecurity standards. The ISA/IEC 62443 standards and technical reports have been successfully applied to a wide variety of industry sectors, including process industries such as chemicals and oil & gas, building automation, electric power generation and distribution, medical devices, and transportation.
“It is critically important for legislators and regulators to recognize the urgent need for a unified response to this threat,” said ISA Global Cybersecurity Alliance Managing Director Andre Ristaino. “Standard definitions and a common language for asset owners, product suppliers, and all other control system stakeholders is necessary to simplify procurement and enable companies to comply with any regulatory efforts. A fully developed ISA/IEC 62443 ecosystem enables facilities and operations across many different industries to achieve industrial control systems and automation cybersecurity.”
ISAGCA continues to work with state and federal legislators, regulators, and other standards bodies to ensure that the ISA/IEC 62443 standards are included as the reference standards for establishing IACS cybersecurity metrics in automation that affects our everyday lives. This position paper describes the public policies and associated reference standards supported by ISAGCA.