Minimizing Cyber Risk for Operational Technology: Principles for Readiness Using IEC 62443

On Demand Now

As most who work in the Operational Technology (OT) security space already know, traditional IT security standards are not quite applicable or appropriate for securing OT environments. While most standard’s address network and computer security techniques, they do not address the uniqueness of assets found within the OT space.

The recognition that IT security standards did not include industrial assets, this caused the OT security community to create standards that were inclusive of OT assets. Standards from NIST, ISA and IEC emerged as a guide to help the IT/OT security professional understand and secure the OT environment. Specifically, the IEC 62443 series of standards provides guidance on component and system level security for both the vendor and end user audience. The challenge however can be to understand and then operationalize a technical standard like IEC 62443.

In this webcast, Jeff Shearer, Joe Robertson, and Jay Gignac will discuss the IEC 62443 standard and its relevance to your security program.

First, Jeff will walk you through the basics of the standard. Next, we will discuss security levels and how products and systems can be assessed for their current and future state security levels. Jeff, Christopher, and Jean-Francois will then cover how to assess and prioritize OT risk using the risk-based methodology discussed in the IEC 62443 standard.

This session will cover:

  • OT visibility: Architecting with connectivity in mind
  • OT risk and vulnerability: They are not the same thing
  • Recovery from incidents: OT “golden” backups aren’t golden
  • Action plan: Your action plan should include near and far term goals

Join us on April 19, 2022, at 12n ET, be ready with your questions for Jeff, Joe, and Jay to learn how to secure your OT/IACS environment using the IEC 62443 standard as a guide.