Manufacturing AUTOMATION

ISAGCA white paper explores zero trust outcomes using ISA/IEC 62443 standards for OT security

August 20, 2024
By Manufacturing AUTOMATION

The ISA Global Cybersecurity Alliance (ISAGCA) has released a white paper discussing the outcomes of the zero trust model for cybersecurity in the context of operational technology (OT) and industrial control systems (ICS). The new paper from ISAGCA, titled “Zero Trust Outcomes Using ISA/IEC 62443 Standards,” analyzes the use of the ISA/IEC 62443 series of standards for zero trust in OT.

The International Society of Automation (ISA) explains in a press statement that zero trust has become a widely accepted cybersecurity strategy, with the idea that risk is internally and externally inherent. Zero trust strategy is becoming more relevant in OT and hybrid approaches can incorporate zero trust principles when appropriate.

OT security prioritizes safety as the utmost concern. The paper provides guidance on how ISA/IEC 62443 can support concepts of zero trust. The paper recommends that the zero trust model should not be introduced for essential functions as defined in ISA/IEC 62443. It emphasizes the importance of never overriding or interrupting essential critical functions in zero-trust architecture implementations, especially safety functions associated with fault-tolerant systems design.

The implementation of zero trust may involve additional upfront and maintenance costs as it elevates security dimensions and magnitude, but it also offers significant benefits in terms of understanding and organizing a security strategy. If certain zero trust principles are not feasible to achieve within an OT network, hybrid approaches can incorporate them where appropriate to enhance detection and response capabilities at scale.

Advertisement

“Zero Trust Outcomes Using ISA/IEC 62443 Standards” is available for download on the ISAGCA website.


Print this page

Advertisement

Story continue below