To many individuals, the ISA99/IEC 62443 industrial safety commonplace is sort of a New Year’s decision: You know it’ll convey you nice advantages, so that you begin engaged on it, however you ultimately quit as a result of it appears advanced or different priorities come up. But it actually shouldn’t be like that. Let me clarify why.
Industrial networks and important infrastructures have change into the brand new playground for cyber criminals. Whether you run international manufacturing operations, a neighborhood water utility, an influence grid community or only a small industrial plant in the midst of nowhere, you’re eligible for a cyber assault. What could be the outcome? Production halts, lack of income loss, damaged industrial gear, injury to the surroundings, and even injured workers. Nothing else ought to be greater in your precedence listing than securing your industrial operations.
The International Society of Automation (ISA) and the International Electrotechnical Commission (IEC) have developed the ISA99/IEC 62443 sequence of requirements. It is a framework to implement industrial cybersecurity finest practices step-by-step and drive steady enchancment. The sequence covers many points, however the important thing half is ISA/IEC 62443-3-3, which describes the safety capabilities you need to implement.
Some would possibly suppose that ISA/IEC 62443-3-3 is just fitted to manufacturing operations, however most of its safety necessities apply to all business verticals. Furthermore, the ISA and IEC are actually engaged on growing profiles for particular industries, so no matter you implement right this moment shall be leveraged tomorrow to adjust to a extra thorough listing of necessities.
To drive you thru the ISA/IEC 62443-3-3, my colleagues Andrew McPhee and Maik Seewald have written a quick and detailed white paper itemizing all safety necessities and the way to comply. The most important key takeaway is that by leveraging Cisco’s complete industrial networking and cybersecurity portfolio, implementing the usual couldn’t be simpler.
As an instance, the ISA/IEC 62443-3-3 highlights the crucial of controlling entry to assets and limiting communications by imposing the least privilege precept that grants customers and gadgets solely the rights they should carry out their duties. In a nutshell, asset identification, consumer authentication, and micro-segmentation are a should to cut back the publicity of the commercial management system (ICS) to cyberthreats and restrict the unfold of assaults.
Using Cisco Identity Services Engine (ISE) along with Cisco Cyber Vision, Secure Firewall, and Duo, industrial organizations can simply implement this zero-trust method to their OT networks. These merchandise have been designed and examined collectively to allow seamless workflows and out-of-the-box integration. I instructed you it didn’t should be advanced!
On November 10, 2022, Andrew and Maik will current a webinar explaining the ISA/IEC 62443-3-3 and its safety necessities. Register now and you should definitely attend to find out about capabilities you may be lacking right this moment and how one can simply implement them.
As a follow-up to this overview, we’ll see the way to implement micro-segmentation in industrial networks in a second webinar. On December 6, 2022, we’ll dive into the ISA/IEC 62443 zones and conduits mannequin and present you the way Cisco ISE and Cyber Vision can implement OT micro-segmentation. Register right here.
Securing industrial operations additionally means leveraging IT safety instruments and processes. On December 15, the webinar closing the sequence will talk about the way to lengthen IT safety to industrial operations so safety analysts can examine and remediate threats throughout each IT and OT domains. Register right here.
Until then, take a look at our ISA/IEC 62443-3-3 white paper and be sure to subscribe to our Industrial Security Newsletter.
Share: