PRESS RELEASE

Durham, NC, August 14, 2024 – The ISA Global Cybersecurity Alliance (ISAGCA) has announced the publication of a white paper discussing the results of the zero trust model for cybersecurity in the context of operational technology (OT) and industrial control systems (ICS).

Zero trust has become a widely accepted cybersecurity strategy, with the idea that risk is inherently internal and external. Zero trust strategy is becoming more relevant in OT, and hybrid approaches can incorporate zero trust principles where appropriate. ISAGCA’s new paper, titled “Zero Trust Results Using ISA/IEC 62443 Standards,” analyzes the use of the ISA/IEC 62443 series of standards for zero trust in OT.

OT security prioritizes safety as the utmost concern. The document provides guidance on how ISA/IEC 62443 — the world’s leading consensus-based standards for control system cybersecurity — can support zero trust concepts. The paper recommends that the zero trust model should not be introduced for essential functions as defined in ISA/IEC 62443. It emphasizes the importance of never overriding or disrupting essential critical functions in zero trust architecture implementations, especially safety functions related to fault-tolerant system design.

Implementing zero trust can incur additional upfront and maintenance costs as it increases the security dimensions and scope, but it also offers significant benefits in terms of understanding and orchestrating a security strategy. If certain zero trust principles are not feasible to achieve within an OT network, hybrid approaches can integrate them where necessary to improve detection and response capabilities at scale.Zero Trust Results Using ISA/IEC 62443 Standards” is available for download from the ISAGCA website.

About ISAGCA

The ISA Global Cybersecurity Alliance (ISAGCA) is a collaborative forum to advance OT cybersecurity awareness, education, readiness, standardization, and knowledge sharing. ISAGCA is comprised of more than 50 member companies and industry groups, representing more than $1.5 trillion in total revenues across more than 2,400 combined locations worldwide. Automation and cybersecurity provider members serve 31 different industries, underscoring the broad applicability of the ISA/IEC 62443 family of standards. For more information, visit www.isagca.org.

About ISA

The International Society of Automation (ISA) is a non-profit professional society founded in 1945 to create a better world through automation. ISA’s mission is to strengthen the global automation community through standards and knowledge sharing. ISA develops widely used global standards and conformity assessment programs; certifies professionals; provides education and training; publishes books and technical articles; organizes conferences and exhibitions; and provides networking and career development programs for its members and customers worldwide. For more information, visit www.isa.org.