Leveraging IEC 62443 Security Level SL Requirements to Define IACS Cybersecurity Metrics
The IEC 62443 document series is an international standard intended to provide a flexible framework to enhance Industrial Automation Control System (IACS) cybersecurity. Seven core functional requirements are used to assist with the design, development, testing and construction of an integrated security architecture. As the Security Level (SL) targets and capabilities are defined, cybersecurity metrics become necessary to assess the efficacy and comprehensiveness of the design. These Security Levels are organized into four increasing tiers, each requiring more stringent controls to be in place.
As the security architecture matures and the logical and physical assets are grouped into zones, they need to be evaluated along with the connections and data flows between zones, which are called conduits. Both the zones and conduits need appropriate security controls to ensure plant operational safety. Cybersecurity best practices include principles (such as ‘defense in depth’) that can be assessed through cybersecurity metrics that evaluate architectural components such as zones and conduits.
Furthermore, security is a process that requires continual risk management and risk reduction via the mitigation of identified threats. Cybersecurity metrics are generated and evaluated to determine if adequate risk management is being enabled. Through the use of well-defined, repeatable and accurate cybersecurity metrics, SL adequacy can be assessed.
This presentation goes through the IEC 62443 foundational requirements and describes appropriate and relevant security metrics for verifying that architectural components such as zones and conduits have appropriate cybersecurity controls in place and that the SL target has been achieved.
=====================================================
More Information: https://www.exida.com/Certification/IEC62443-Cyber-Cert
#cybersecurity #certification #IEC61442
========================================================
Subscribe to this channel: https://bit.ly/36UM1ok
exida Home Page: https://www.exida.com
Contact Us: https://www.exida.com/Company/Contact
LinkedIn: https://www.linkedin.com/company/exida-com
Twitter: https://twitter.com/exidaLLC
Facebook: http://www.facebook.com/exidaLLC
Video "Leveraging IEC 62443 Security Level SL Requirements to Define IACS Cybersecurity Metrics" from the exida channel