Effective ICS cybersecurity using the IEC 62443 standard
October 19, 2021
Improving ICS security typically involves a thorough risk assessment followed by a security assessment (also known as a vulnerability assessment), both of which are supplemented by reports detailing vulnerabilities, weaknesses and recommendations. Then comes the flurry of activity in the form of risk mitigation plans focused on determining which findings truly warrant the investment involved in mitigation. This level of scrutiny has its benefits, but it tends to narrow the security problem down to a focused list of findings that represent a mere slice of the entire ICS security posture.