Subscribe to stay in the loop with the latest OT cyber security best practices.
Fill out form below
Applying 62443 Concepts to Securing OT ICS Endpoints
John Livingston and Ryan Zahn share how to protect endpoints leveraging concepts from the 62443 family.
Let's Connect
Mapping ISO to IEC 62443
Most cyber risks and events are associated with the compromise of endpoints or commodity systems, HMIs, Historians, AD servers, EWS, and technician laptops. This means we need to be considering these endpoints vs. merely monitoring network traffic when treating cyber-risk down to tolerable levels for the organization. The IEC 62443 standards have high-level, concentrated advice, but in comparison to NIST-SP technical requirements, it is not as clear because 62443 was designed to be highly agnostic and applicable to many industries.
When looking at the 62443 foundational requirements (FR) and security requirements (SR), many can be found within a cybersecurity program or tweaked to focus on endpoints and fulfilled using technology. Security continuously degrades and audits/remediation requires resources, but security controls per asset can be implemented and monitored so OT systems management (OTSM) teams can get ahead of the problem (where possible) using the correct solutions.
This session is about mapping endpoint security capabilities to those outlined in the 62443 families, using multiple products to tie FR/SRs together, and how to gain visibility on gaps, security-level (SL) variances, etc. via a centralized platform strategy that enables teams to act.
During this presentation, you will learn:
An introduction to the 62443 FR/SRs with respect to endpoint security
A mapping of FR/SRs to the various capabilities or products out there
An example of an HMI “blueprint” with a specific target security level (SL-T)
An example illustrating variance between an achieved security level (SL-As) vs. the desired SL-T via a compliance strategy
An example dashboard report showing overall results as a feedback system for your CSMS
Next steps to expanding this concept
Related Resources
Blog
5 Steps to Build an ICS Cybersecurity Program with IEC 62443 Standards
This article is intended to help asset owners, integrators and customers understand how to begin a cybersecurity program to improve overall maturity against the elements of the IEC 62443 standard.
5 Principles for Designing a Successful Governance Model for OT Cyber Security
In today’s large and complex industrial organizations, the right cyber security governance structure depends on the culture and existing model of the rest of the organization, as well as coordination and shared decision-rights across IT, security/risk management, operations, and finance. Download the “5 Principles for Designing a Successful Governance Model for OT Cyber Security” to discover the five guiding principles…
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of the cookies.
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.