ISA white paper helps organizations execute cybersecurity plan


Jul 25, 2017

The International Society of Automation (ISA) Security has developed a new white paper designed to help small- and medium-sized businesses recognize their vulnerability to industrial cyberattack and forge an effective cybersecurity plan based on established standards and practices.

“Industrial Cybersecurity for Small and Medium Sized Businesses” leverages ISA’s knowledge of industrial automation and control systems (IACS) and subject matter expertise in industrial cybersecurity.

Manufacturing operations are at risk from a wide variety of threats, including amateur and professional hackers, environmental activists, disgruntled employees or contractors, and nation states or terrorists. In addition, many cybersecurity incidents are a result of accidents or unintentional actions.

“Effective cybersecurity management is essential for all organizations, regardless of size,” says Bill Joss, ISA’s senior business development manager. “However, most medium- and smaller-sized companies that manage industrial processes and employ some level of automation are unaware of the cyber-risks they face, and are not adequately prepared to implement the proven cybersecurity standards and practices that are available to them.”

The white paper provides a thorough overview of industrial cybersecurity, covering:

  • Risk assessment
  • Essential cybersecurity initiatives, including: Identification, Protection, Detection, Response and Recovery
  • Awareness and training
  • Continuous improvement
  • Additional references

The document was co-written by two ISA cybersecurity experts: Steve Mustard, a consultant who has developed cybersecurity management systems, procedures and training for many critical infrastructure organizations throughout the world; and Eric Cosman, a manufacturing operations and control systems consultant and Co-Chair of the ISA99 Committee on industrial cybersecurity standards and practices. 

To learn more about the ISA/IEC 62443 series of cybersecurity standards, ISA cybersecurity training and certificate programs, and ISA’s wide range of industrial cybersecurity resources, contact Heidi Cooke, Sr. Learning Consultant, at +1 -919-990-9405 or via email at

The white paper is available here.