ISA Provides Guidance to Newsweek Vantage Report on Cyber Risks to Critical Infrastructure

April 6, 2020

The International Society of Automation (ISA) recently served as the expert partner for an independent report from Newsweek Vantage on cyber risks to critical infrastructure.

The report, titled “Weathering the Perfect Storm: Securing the Cyber-Physical Systems of Critical Infrastructure,” surveyed 415 executives at critical infrastructure organizations to learn whether they are taking a holistic approach to security for operations technology (OT) and information technology (IT). Among other takeaways, the survey found that a holistic approach is a priority for most—and that more than a third of respondents said a cyber breach was the motivating factor.

ISA is the industry expert on standards for automation cybersecurity for OT systems. The ISA/IEC 62443 Series of Standards is the world’s only consensus-based series of standards on automation cybersecurity.

“We’re proud to provide guidance as an expert partner with Newsweek Vantage on this independent report,” said Mary Ramsey, ISA executive director. “The security of critical infrastructure is complex by nature, and we believe research like this is an important part of understanding where the industry can improve as a whole.”

Other key findings from the report include:

  •  –   IT and OT still don’t play well together at many organizations, despite years of effort. Nearly a third of respondents said the primary obstacle is cultural—in other words, that employees are resistant to change.
  •  –   Nearly every executive surveyed said their organization had experienced a security breach within the last year. Almost two-thirds said IT systems were the source of vulnerability leading to at least one of their incidents. A third also attributed their vulnerability to a lack of IT/OT integration, and a quarter added that a lack of secure physical access controls contributed to system vulnerabilities as well.
  •  –   Most organizations are at least partway along the path to IT/OT convergence. 68 percent of respondents said their organizations have integrated some of their OT, IT, and physical systems, and are still working on others. Far fewer—20 percent—have already integrated everything, and fewer still—only 11 percent—have not integrated anything.

Eric Cosman, a consulting engineer and the 2020 ISA president, as well as Steve Mustard, an independent consultant and the incoming 2021 ISA president, also contributed to the report as subject-matter experts.

“It was a privilege to represent ISA and the automation community in providing input to the Newsweek Vantage report,” Cosman said. “Vehicles such as this provide us with an opportunity to reach a much broader audience and raise the awareness of the risks faced by our critical infrastructure. Asset owners must take the time to fully understand the consequence component of this risk and plan their response accordingly using standards, practices, and other resources available to them.”

“The Newsweek Vantage report is the end product of an important piece of research, of which I am very proud to have been a part,” Mustard says. “ISA has long understood the risks to critical infrastructure from cybersecurity incidents, and having the opportunity to be part of this work has allowed us to share our message much further. Although the report shows we still have a long way to go before industry fully embraces the challenge, it provides clear evidence of the need to do so.”

Improving automation cybersecurity across all industries is a central part of ISA’s mission. It created the ISA Global Cybersecurity Alliance (isa.org/ISAGCA) to advance cybersecurity readiness and awareness in manufacturing and critical infrastructure facilities and processes. It also offers a suite of automation cybersecurity training, including certificate programs.

The full Newsweek Vantage report is available for download here.

Source

Related Articles



Editor’s Pick: Featured Article

Weidmüller’s u-control 2000: The Automation Controller

Weidmüller’s u-control 2000: The Automation Controller

Weidmüller’s scalable engineering software, u-control 2000, adapts individually to your requirements. And, the u-control is powerful, compact and fully compatible with Weidmüller’s I/O system u-remote. This article looks at what makes u-control the heart of your automation.

Programmable logic controllers (PLCs) are one of the main components of any automated system. A typical control system has inputs, outputs, controllers (i.e., PLCs), and some type of human interaction with the system, a human machine interface (HMI), for example.

Read More



Latest Articles

  • Vention Introduces AI, Making Adoption of Automation Easier

    December 20, 2024 By Krystie Johnston Vention has been on a mission to democratize automation since 2016. Etienne Lacroix, Founder and CEO of Vention, realized he could leverage software and technology to productize automation, making it more accessible to everyone. While working as an engineer and integrating systems for manufacturers, he noticed added costs and… Read More…

  • Machine Man Reflects on 50 Years In a Challenging But Rewarding Field

    December 18, 2024 Pat McCluskey’s machine design and build experience at ANCA has fuelled manufacturing exports for Australia for half a century For a half-century, ANCA has made the machines that make the tools that make the world go around. One half of its founding pair, Pat McCluskey, has designed many grinding machine tools in… Read More…