- June 24, 2017
- Research Triangle Park, North Carolina
The International Society of Automation (ISA), at the request of the US Department of Homeland Security, has developed a white paper designed to help small- and medium-sized businesses (SMBs) recognize their vulnerability to industrial cyberattack and forge an effective cybersecurity plan based on established standards and practices.
“Effective cybersecurity management is essential for all organizations, regardless of size,” emphasizes Bill Joss, ISA’s Senior Business Development Manager. “However, most medium- and smaller-sized companies that manage industrial processes and employ some level of automation are unaware of the cyber-risks they face, and are not adequately prepared to implement the proven cybersecurity standards and practices that are available to them.”
“Industrial Cybersecurity for Small and Medium Sized Businesses” leverages ISA’s in-depth knowledge of industrial automation and control systems (IACS) and subject-matter expertise in industrial cybersecurity.
“SMBs need to fully understand their cybersecurity risk and take action to reduce this risk, just as they do with other business risks,” Joss says. “The absence of previous incidents, or the belief that the organization is not a likely target, is not sufficient justification for ignoring this issue.”
SMBs—just like large manufacturing operations—are at risk from a wide variety of threats, including amateur and professional hackers, environmental activists, disgruntled employees or contractors and even nation states or terrorists. In addition, many cybersecurity incidents are a result of accidents or unintentional actions. A company does not have to be a specific target to be affected.
The white paper provides a thorough overview of industrial cybersecurity, covering:
- Risk assessment
- Essential cybersecurity initiatives, including: Identification, Protection, Detection, Response and Recovery
- Awareness and training
- Continuous improvement
- Additional references
The document was co-written by two prominent ISA cybersecurity experts: Steve Mustard, a consultant who has developed cybersecurity management systems, procedures and training for many critical infrastructure organizations throughout the world; and Eric Cosman, a manufacturing operations and control systems consultant and Co-Chair of the ISA99 Committee on industrial cybersecurity standards and practices.
For more information
To learn more about the ISA/IEC 62443 series of cybersecurity standards, ISA cybersecurity training and certificate programs, and ISA’s wide range of industrial cybersecurity resources, click here or contact Heidi Cooke, Sr. Learning Consultant, at +1 -919-990-9405 or via email at email@example.com.