TMCnet News
ISASecure® Reports Significant Membership Growth in Support of Site Assessment ProgramWebinar on 8 May to offer overview of ISASecure site assessment program activities DURHAM, N.C., May 6, 2024 /PRNewswire/ -- The International Society of Automation (ISA) – the leading professional society for automation – has announced that its ISA Security Compliance Institute (ISCI) operating under the ISASecure® brand reported significant membership growth in 2023, adding 25 new members. The ISASecure program delivers market leading operational technology (OT) cybersecurity certifications to the ISA/IEC 62443 series of standards. Companies seeking to participate in the development and adoption of the ISASecure Automation and Control System Security Assurance (ACSSA) assessment and certification scheme are the drivers for the recent membership growth. ISASecure is experiencing similar growth year to date in 2024, building on the ACSSA momentum. ACSSA establishes a standardized cybersecurity assessment methodology for operational technology (OT) based on the asset-owner series of ISA/IEC 62443 OT cybersecurity standards; and produces a standardized assessment report detailing the security capabilities achieved in automation controlling equipment in operation at asset owner sites. The ACSSA scheme is attracting compliance software companies who see an emerging market need to institutionalize the ISA/IEC 62443 standards and complementary conformance specifications into user-friendly software applications. Features include dashboards, bar charts, heat maps and other useful reporting capabilities. To date, most asset owners and consultants have been sing spreadsheets and PDF files to perform assessments and for reporting. ISASecure will license the ACSSA specifications to compliance software companies. "We are on a mission to facilitate the emergence of the ISA/IEC 62443 standards from the primordial ooze of spreadsheets and PDFs into useful applications to accelerate adoption of the world's most accepted OT cybersecurity standards," noted Andre Ristaino, ISA Managing Director of Conformance Programs and Consortia. "The ISASecure ACSSA assessment specifications establish the foundation for providing standards-based, objective measures of the cybersecurity posture for automation in operation at asset owner sites." The ACSSA program is slated for completion and launch in the first half of 2025 and will offer a three-day training class for all parties interested in using the scheme for doing site assessments and reporting. The scheme and related training are designed to be used universally by asset owners, consultants, certification bodies and public policy makers. ACSSA may be applied to current operations in steady-state, brownfield upgrades and greenfield sites and expansions. Key benefits to ISASecure members include discounts on world-class ISA cybersecurity training and access to the ISASecure ACSSA assessment specifications with license fees waived. New ISASecure members represent key OT cybersecurity stakeholders, including asset owners, automation suppliers, cybersecurity product and service providers, consulting and engineering, and EPC firms, government policy makers and certification bodies. New member additions include: GSK, Trane, Security Gate, Secudea, Walnut Creek Consulting, Arcadis, Peloton Cybersecurity, Enaxy, Optiv, Generac, Interstates, Armexa, Securing Things, CyberPrism, IACS Consulting, Kaizen, UL Solutions, AC&E, Arnoud Souille, John Kingsley, RBJ Consultancy and Zuonet. ISA Managing Director Andre Ristaino commented further, "It is quite an undertaking to assemble a group of OT cybersecurity experts who can work with the ISA/IEC 62443 subject matter experts to develop a consensus assessment specification. The foundational specification will be used to evaluate the security of automation controlling equipment installed at asset owner sites and critical infrastructure operations. The ACSSA specification can be re-purposed for use in many industry sectors and use cases. We invite industry sectors with OT security challenges to use the ACSSA for creating sector specific assessment profiles." The ISASecure ISA/IEC 62443 product certification scheme has been operational since 2010. Large asset owners are already specifying ISASecure conformance in their procurement language at security level 2 and higher. Specifying ISASecure in procurement language costs nothing for asset owners, and ensures investments in new automation and control systems technology will include industry-leading standards-based cybersecurity capabilities. Learn More: Webinar on 8 May About ISA About ISASecure View original content to download multimedia:https://www.prnewswire.com/news-releases/isasecure-reports-significant-membership-growth-in-support-of-site-assessment-program-302137292.html SOURCE The International Society of Automation |