ISA publishes industrial cyber security standard

The new standard, ANSI/ISA-99.02.01-2009, Establishing an Industrial Automation and Control Systems Security Program, describes elements to set up a cyber security management system, and provides guidance on how to meet the requirements for each element. “The great value of this standard is that it draws together the best thinking on industrial cyber security management from experts at leading companies and organizations across the globe,” says Jim Gilsinn of NIST, who was lead editor for the standard. The new standard follows last year’s publication of the first series standard, ANSI/ISA-99.00.01, which serves as the basis of all standards in ISA99 by presenting key concepts, terminology, and models. Gilsinn explains that additional ISA99 standards under development will cover how to operate a security program after it is designed and implemented, as well as technical security for industrial automation and control systems. ISA (formerly Instrument society of America, now International Society of Automation) is a global, non-profit organisation that sets standards and ;provides educational services for automation professionals.