Security Risk Assessment for Design.

The International Society of Automation (ISA) and the ISA Global Cybersecurity Alliance (ISAGCA), with contributing author Harold Thomas, have released a white paper entitled "Leveraging ISA 62443-3-2 For IACS Risk Assessment and Risk Related Strategies." ^*

The white paper provides the reader with an overview of ISA 62443-3-2, “Security Risk Assessment for Design,” as well as a summary of some of the methodologies that can be used to assist the execution of the industrial automation control system (IACS) cybersecurity risk assessment work process requirements, detailed in the standard.

The major steps include: Identification of the System under Consideration (SuC) Perform an Initial Cyber Risk Assessment Partition the SuC into Zones and Conduits Perform a Detailed Level Cyber Risk Assessment Document Updated Cyber Security Requirements for Detailed Design

“ISAGCA’s mission is to enable and accelerate adoption of cybersecurity practices for all stakeholder groups based on the ISA/IEC 62443 family of automation cybersecurity standards,” commented Andre Ristaino, ISAGCA Managing Director. “Our member companies are working in collaboration with one another, industry partners, and regulatory/legislative bodies to secure automation that affects our everyday lives.”

*In addition to the white paper, ISAGCA and Harold Thomas have previously released a May 6th 2021 webinar on the subject, as well as a blog entitled “Getting Started With Cybersecurity Risk Assessment: When It’s Not About Information Technology” published later in the same month.

@ISA_Interchange #ISAGCA #PAuto #Cybersecurity