International Society of Automation News Release
Contact: Jennifer Infantino Halsey
ISA Executive Director delivers keynote at US Chamber of Commerce Cybersecurity Conference
Research Triangle Park, North Carolina, USA (16 December 2015) – International Society of Automation (ISA) Executive Director Patrick Gouhin yesterday delivered a keynote address entitled, “Utilizing an Operational Technologies Approach to Mitigating Cybersecurity Risk” at the Cybersecurity Conference in Raleigh, NC, which was co-hosted by the US Chamber of Commerce and the North Carolina Chamber of Commerce.
Top experts from government, law enforcement and the private sector participated in the summit, offering technical information and best practices to help small- and mid-size businesses navigate the cybersecurity framework released by the White House. Experts from DHS, the FBI, Duke Energy, Smith Anderson, SAS, FS-ISAC, the National Institute of Standards and Technology, Century Link, NC State University, UNC-Charlotte, Duke University and others presented on topics such as securing the cyber supply chain, engaging with law enforcement, protecting cyber networks, data breaches, and the evolution of cybersecurity in universities and higher education.
Gouhin’s keynote focused on leveraging an operational technologies approach to cybersecurity challenges, explaining that while IT (information technology) approaches focus on the computers and servers that make the business run, OT (operational technology) approaches focus on the machines that make the factory or plant run.
Gouhin described industry standards development work underway within ISA99, a consensus-based standards committee of more than 500 international experts representing all sectors and critical infrastructure, including energy, water, chemical processing, petroleum refining, food and beverage, pharmaceuticals and manufacturing. The committee is developing a cohesive series of technical standards and best practices (ISA/IEC 62443) focused on industrial automation and control systems security. The keynote also featured information about conformance schemes (ISASecure™) used to certify products so that asset owners can have confidence that the industrial automation and control systems and products they purchase are robust against network attacks and free from known security vulnerabilities.
“It was an honor to deliver a keynote address to this audience filled with cybersecurity experts from industry, small- and medium-sized business leaders, and government agencies,” said Gouhin. “The challenge that we face is very real, and the solutions are vital to the survival and success of manufacturing companies and critical infrastructure around the world. We have hundreds of cybersecurity experts from around the world working together to deliver common-sense risk mitigation approaches for industry, and we look forward to continuing our leadership in this area.”
In 2014, the National Institute of Standards and Technology (NIST) released a cybersecurity framework to help businesses start a cybersecurity program or improve an existing one. The framework was developed in collaboration with public and private organizations, including companies, trade associations, and the US Chamber's Cybersecurity Working Group.
The framework features a number of industry-vetted actions that businesses can take to assess and strengthen their state of security over time. It provides organizations—including their customers, partners and suppliers—with common language for understanding their current cybersecurity posture, setting goals for cybersecurity improvements, and much more.
“A few years ago, cyberattacks against the government and corporations were on the margins of news stories, but now a day doesn't go by that we don't hear about a data breach or cyber-intrusion,” said Ann Beauchesne, senior vice president for National Security and Emergency Preparedness at the U.S. Chamber. “Through this conference and our cybersecurity awareness campaign, the Chamber is urging businesses of all sizes to adopt fundamental Internet security practices to reduce network weaknesses and make the price of successful hacking steep.”
For more information about ISA’s cybersecurity offerings, visit www.isa.org/cybersecurityresources, or call +1 (919) 549-8411.
The International Society of Automation (www.isa.org) is a nonprofit professional association that sets the standard for those who apply engineering and technology to improve the management, safety, and cybersecurity of modern automation and control systems used across industry and critical infrastructure. Founded in 1945, ISA develops widely used global standards; certifies industry professionals; provides education and training; publishes books and technical articles; hosts conferences and exhibits; and provides networking and career development programs for its 36,000 members and 350,000 customers around the world.
ISA owns Automation.com, a leading online publisher of automation-related content, and is the founding sponsor of The Automation Federation (www.automationfederation.org), an association of non-profit organizations serving as “The Voice of Automation.” Through a wholly owned subsidiary, ISA bridges the gap between standards and their implementation with the ISA Security Compliance Institute (www.isasecure.org) and the ISA Wireless Compliance Institute (www.isa100wci.org).
About the ISA Security Compliance Institute (ISCI)
Founded in 2007, the ISA Security Compliance Institute’s mission is to provide the highest level of assurance possible for the cyber security of industrial automation control systems (IACS).
The Institute was established by thought leaders from major organizations in the industrial automation controls community seeking to improve the cyber security posture of Critical Infrastructure for generations to come. ISCI Members include Chevron, ExxonMobil, Aramco Services, Honeywell, Invensys (now Schneider Electric), Yokogawa, exida, Codenomicon, CSSC, and IPA-Japan.
The Institute’s goals are realized through industry standards compliance programs, education, technical support, and improvements in suppliers’ development processes and users’ life cycle management practices. The ISASecure® designation ensures that IACS products conform to industry consensus cyber security standards such as IEC 62443, providing confidence to users of ISASecure products and systems and creating product differentiation for suppliers conforming to the ISASecure specification.
ISASecure® is a registered trademark of the ISA Security Compliance Institute.