Webinar on 8 May to offer overview of
ISASecure site assessment program activities
DURHAM, N.C., May 6, 2024 /PRNewswire/ -- The International
Society of Automation (ISA) – the leading professional society for
automation – has announced that its ISA Security Compliance
Institute (ISCI) operating under the ISASecure® brand
reported significant membership growth in 2023, adding 25 new
members. The ISASecure program delivers market leading operational
technology (OT) cybersecurity certifications to the ISA/IEC 62443
series of standards.
Companies seeking to participate in the development and adoption
of the ISASecure Automation and Control System Security Assurance
(ACSSA) assessment and certification scheme are the drivers for the
recent membership growth. ISASecure is experiencing similar growth
year to date in 2024, building on the ACSSA momentum.
ACSSA establishes a standardized cybersecurity assessment
methodology for operational technology (OT) based on the
asset-owner series of ISA/IEC 62443 OT cybersecurity standards; and
produces a standardized assessment report detailing the security
capabilities achieved in automation controlling equipment in
operation at asset owner sites.
The ACSSA scheme is attracting compliance software companies who
see an emerging market need to institutionalize the ISA/IEC 62443
standards and complementary conformance specifications into
user-friendly software applications. Features include dashboards,
bar charts, heat maps and other useful reporting capabilities. To
date, most asset owners and consultants have been using
spreadsheets and PDF files to perform assessments and for
reporting. ISASecure will license the ACSSA specifications to
compliance software companies.
"We are on a mission to facilitate the emergence of the ISA/IEC
62443 standards from the primordial ooze of spreadsheets and PDFs
into useful applications to accelerate adoption of the world's most
accepted OT cybersecurity standards," noted Andre Ristaino, ISA Managing Director of
Conformance Programs and Consortia. "The ISASecure ACSSA assessment
specifications establish the foundation for providing
standards-based, objective measures of the cybersecurity posture
for automation in operation at asset owner sites."
The ACSSA program is slated for completion and launch in the
first half of 2025 and will offer a three-day training class for
all parties interested in using the scheme for doing site
assessments and reporting. The scheme and related training are
designed to be used universally by asset owners, consultants,
certification bodies and public policy makers. ACSSA may be applied
to current operations in steady-state, brownfield upgrades and
greenfield sites and expansions.
Key benefits to ISASecure members include discounts on
world-class ISA cybersecurity training and access to the ISASecure
ACSSA assessment specifications with license fees waived.
New ISASecure members represent key OT cybersecurity
stakeholders, including asset owners, automation suppliers,
cybersecurity product and service providers, consulting and
engineering, and EPC firms, government policy makers and
certification bodies. New member additions include:
GSK, Trane, Security Gate, Secudea, Walnut Creek Consulting,
Arcadis, Peloton Cybersecurity, Enaxy, Optiv, Generac, Interstates,
Armexa, Securing Things, CyberPrism, IACS Consulting, Kaizen, UL
Solutions, AC&E, Arnoud Souille, John
Kingsley, RBJ Consultancy and Zuonet.
ISA Managing Director Andre
Ristaino commented further, "It is quite an undertaking to
assemble a group of OT cybersecurity experts who can work with the
ISA/IEC 62443 subject matter experts to develop a consensus
assessment specification. The foundational specification will be
used to evaluate the security of automation controlling equipment
installed at asset owner sites and critical infrastructure
operations. The ACSSA specification can be re-purposed for use in
many industry sectors and use cases. We invite industry sectors
with OT security challenges to use the ACSSA for creating sector
specific assessment profiles."
The ISASecure ISA/IEC 62443 product certification scheme has
been operational since 2010. Large asset owners are already
specifying ISASecure conformance in their procurement language at
security level 2 and higher. Specifying ISASecure in procurement
language costs nothing for asset owners, and ensures investments in
new automation and control systems technology will include
industry-leading standards-based cybersecurity capabilities.
Learn More: Webinar on 8 May
ISA will host a free
webinar about the ISASecure ACSSA program on 8 May from
11 am to 12 pm eastern. Register here
to learn more about the program.
About ISA
The International Society of Automation
(ISA) is a non-profit professional association founded in 1945 to
create a better world through automation. ISA's mission is to
empower the global automation community through standards and
knowledge sharing. ISA develops widely used global standards and
conformity assessment programs; certifies professionals; provides
education and training; publishes books and technical articles;
hosts conferences and exhibits; and provides networking and career
development programs for its members and customers around the
world. Learn more at www.isa.org.
About ISASecure
Founded in 2007 by the International
Society of Automation (ISA), the ISASecure mission is to provide
the highest level of assurance possible for the cybersecurity of
industrial automation control systems. Founders and key supporters
of ISASecure include: BP, Chevron, ExxonMobil, Saudi Aramco, Shell,
GSK, Honeywell, Johnson Controls, Schneider Electric, Yokogawa,
Carrier, Siemens, YPF, Amazon Web Services, exida, TUV Rheinland,
CSSC, FM Approvals, Synopsys, Trust CB, SecurityGate, BYHON, TUV
SUD, Trane and Bureau Veritas. The Program's ISASecure designation
signifies to the marketplace that industrial automation and control
products conform to industry-consensus cybersecurity standards. The
ISASecure trademark provides confidence to users of ISASecure
certified products and systems and creates product differentiation
for suppliers who conform to the ISASecure specifications.
Assessments and certifications for automation in operation at asset
owner sites are available under the ISASecure ACSSA scheme starting
in 2025.
View original content to download
multimedia:https://www.prnewswire.com/news-releases/isasecure-reports-significant-membership-growth-in-support-of-site-assessment-program-302137292.html
SOURCE The International Society of Automation