The International Society of Automation (ISA; Research Triangle Park, N.C.; www.isa.org), developer of ANSI/ISA 62443 series of automation and control systems cybersecurity standards (adopted by the International Electrotechnical Commission and endorsed by the United Nations), has created an open, collaborative forum to advance cybersecurity awareness, readiness, and knowledge sharing.
The ISA Global Cybersecurity Alliance will bring together a global group of stakeholders from end-user companies, control system vendors, IT and OT infrastructure providers, system integrators, and others affiliated with global industry to benefit everyone, especially the communities in which we operate and serve.
Industrial sectors, including manufacturing, commercial buildings, and critical infrastructure facilities, need to explore new ways to better prevent, mitigate, and respond to catastrophic threats and attacks on their safety- and mission-critical assets, operations, and applications.
"Several leading automation and other technology providers have engaged ISA to explore how they can work with us to proactively increase awareness and adoption of cybersecurity best practices, standards, and compliance in all relevant sectors," said ISA Executive Director Mary Ramsey. "As an independent non-profit organization dedicated to improving operational excellence, ISA is uniquely able to fulfill the need for open, collaborative discussions and knowledge sharing."
Among its defined objectives, the Global Cybersecurity Alliance will work to proliferate adoption of and compliance with global standards. The acceleration and expansion of standards will help address technology-related gaps and set best practices for managing processes within an open architecture. The Alliance will also develop certification and education programs for industry professionals; drive advocacy and thought leadership; and facilitate new levels of knowledge sharing among its members. Member companies will identify and prioritize initiatives, ensuring that the Alliance's approach is multi-faceted.
"The ICS cybersecurity threat landscape is becoming more complex, with more direct attacks on control system, IT, and OT infrastructure. Frequently backed by hostile nation-states, malevolent actors are becoming more sophisticated at targeting specific aspects of industrial control systems that have the potential to wreak havoc in the physical world, such as process safety systems," said Larry O'Brien, Vice President of Research for ARC Advisory Group. "Standards and frameworks are valuable, but end users also need the resources to take the guidance provided by standards and put it into practice in real-world plant and OT environments. ARC applauds this effort to increase the security of industrial facilities."
ISA will announce initial members of the Global Cybersecurity Alliance in the coming weeks, as the organization is currently in advanced conversations with several multi-national companies.