ISA, Automation Federation to improve US-UK collaboration to combat industrial cyberattack
North Carolina—Industrial cyber security experts of the International Society of Automation (ISA), the Automation Federation (ISA’s umbrella organization), the US and UK governments, and global business leaders gathered to share common experiences and consider strategies to combat common threats.
The Automation Federation and TechUK (an association of more than 950 member companies in the UK) co-sponsored the event at the request of the British government and the US Department of Homeland Security. The objective was to examine operational technology/Industrial Internet of Things (IIoT) cyber security challenges facing both countries. Shared experiences, obstacles and potential opportunities for collaboration were explored and discussed..
Douglas Maughan, Cyber Security Division Director within the US Department of Homeland Security, Science and Technology Directorate (S&T), explained in his presentation how industry and government within both countries can work together to improve industrial cyber security defenses.
Also presenting and participating were: Steve Mustard, an independent automation consultant and industrial cyber security subject-matter expert of ISA and the Automation Federation; James Keaveney, 2016 ISA President and 2017 Chairman of the Automation Federation; and Andre Ristaino, Managing Director of the ISA Security Compliance Institute.
Mr. Mustard pointed to ISA’s series of industrial automation and control system (IACS) security standards—adopted internationally as ISA/IEC 62443—as a flexible framework for preventing and limiting potentially devastating cyber damage to industrial systems and networks used in critical infrastructure and other industrial environments.
Developed by leading international cyber security experts from industry, government and academia, ISA/IEC 62443 addresses industrial cyber security vulnerabilities across all key industry sectors, and is regarded as the world’s only consensus-based series of IACS security standards.
Mr. Keaveney provided an overview of ISA’s integrated range of standards-based industrial cyber security training courses and related certificate programs. ISA has harnessed the ISA/IEC 62443 standards to develop a comprehensive set of industrial cyber security training courses and aligned certificate programs covering the complete lifecycle of IACS assessment, design, implementation, operations and maintenance. ISA’s cyber security certificate programs are open to those who successfully complete the requirements of ISA’s related cyber security courses.
In a panel discussion, Mr. Ristaino provided an overview of the ISA Security Compliance Institute (ISCI). ISCI manages the ISASecure™ conformance certification program, which ensures that control systems conform to relevant ISA/IEC 62443 cyber security standards and that IACS products and systems are robust against network attacks and free from known vulnerabilities.
Prior to the meeting, ISA and Automation Federation representatives also attended and participated in the “Global Cybersecurity Innovation Summit,” which was presented by the Security Innovation Network (SINET) and co-sponsored by the British government and the US Department of Homeland Security, S&T. The focus of the summit was to help foster a more cohesive, worldwide cyber security community and accelerate innovation through collaboration.
.
Comments