Legacy industrial devices are "insecure by design" and
therefore vulnerable to interruption from cyber threats or unintentional
network incidents. Risk is increasing as Ethernet networking becomes more
pervasive and more complex. Physical security has internet protocol (IP) based
cameras and sensors sharing the same network infrastructure. Along with that comes the Internet of Things
(IoT) and the Industrial Internet of Things (IIoT). Now your control room
coffee pot and refrigerator may be connected to the internet and exposing your
network to threat actors, ransomware and bots.
The move to using open standards such as Ethernet, TCP/IP, and web technologies in industrial automation and control systems (IACS), supervisory control and data acquisition (SCADA) and process control networks (PCN) has begun to expose these systems to the same cyberattacks that have wreaked so much havoc on corporate information systems. The introduction of complex Windows 7 and 10 operating systems (OS) deployed along with the existing legacy Windows XP OS means that the security risk is even higher.
This presentation provides a high-level overview on how the ISA/IEC 62443 standards can be used to protect your critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for IACS, SCADA, and PCN environments.
As part of ISA's continued efforts to meet the growing need of industrial control systems professionals and to expand its global leader outreach into the security realm, ISA has developed a knowledge-based certificate recognition program designed to increase awareness of the ISA99 committee and the ISA/IEC 62443 standards. The ISA/IEC 62443 Cybersecurity certificate program is designed for professionals involved in IT and control system security roles that need to develop a command of industrial cybersecurity terminology and understanding of the material embedded in the ISA/IEC 62443 standards.
- Use the ISA/IEC 62443 standards to secure your control systems
- Discover the five common myths regarding industrial automation and control system (IACS) security
- Assess the cybersecurity of new or existing control systems
- Understand cybersecurity design & implementation & testing of control systems