The International Society of Automation (ISA), the leading professional society for automation, has announced the publication of ANSI/ISA-62443-2-1-2024, Security for Industrial Automation and Control Systems. This latest update in the ISA/IEC 62443 series enhances cybersecurity for industrial automation and control systems (IACS) across various industries.
As organizations increasingly rely on automation in manufacturing, processing, and critical infrastructure, cybersecurity challenges grow more complex. ANSI/ISA-62443-2-1-2024 provides a structured approach to establishing, implementing, maintaining, and improving security programs designed to mitigate IACS security risks. This standard is implementation-independent, allowing asset owners to customize security measures based on their specific operational needs.
Key updates in this revision include a new security program element structure and a maturity model for evaluating requirements, reflecting significant advancements over the previous 2010 version.
Developed by the ISA99 Standards Committee, this American National Standard is reviewed and adopted by the International Electrotechnical Commission (IEC), ensuring global applicability. By integrating expertise from cybersecurity professionals worldwide, the standard provides a comprehensive framework for addressing both current and emerging security vulnerabilities.
“Security is a balance of risk versus cost, and each situation will be different,” said Eric Cosman, ISA99 Co-Chair from OIT Concepts. “Some risks relate to health, safety, and environmental concerns rather than just financial impact, making flexible security approaches essential.”