The Industrial Security Podcast

Stronger & Faster - ISA/IEC 62443 [The Industrial Security Podcast]

Dec 1, 2021
Eric Cosman, co-chair of the ISA SP-99 committee, shares his expertise in industrial cybersecurity and the evolving IEC 62443 standards. He discusses how experience is shaping these standards to adapt to the Industrial Internet of Things. The importance of a risk-based approach tailored to different industries is highlighted, along with the dynamic nature of cybersecurity threats. Eric emphasizes the need for community engagement in enhancing security measures, urging public participation to drive improvements in industry practices.
ANECDOTE

Founding Experience With ISA-99

  • Eric helped form ISA-99 in 2002 after his sector decided not to pursue unique standards for chemicals.
  • He has served on the committee since inception and now co-chairs the group that authors 62443.
INSIGHT

Standards Are Entering A Second Generation

  • The 62443 series is maturing and moving into a second generation focused on consistency and wider applicability.
  • IEC formally recognizing 62443 as a horizontal standard will drive industry-specific profiles and broader adoption.
INSIGHT

Apply 62443 By Consequence, Not Industry

  • 62443 targets consequence-driven scope rather than industry verticals, so asset owners must map consequences to apply controls appropriately.
  • IEC profiles will help industries translate generic requirements into consequence-aware guidance.