Cybersecurity standard published to protect global critical infrastructure
With industrial networks being increasingly connected to the hostile IT world, and the frequency and sophistication of malware growing exponentially, industrial stakeholders must act today to protect their critical systems; the International Instrument Users Association (WIB) releases comprehensive cybersecurity standard to protect critical industrial computers;
The Haag, The Netherlands-based International Instrument Users Association (WIB), an international organization that represents global manufacturers in the industrial automation industry, announced the second version of the Process Control Domain Security Requirements For Vendors document — the first international standard that outlines a set of specific requirements focusing on cyber security best practices for suppliers of industrial automation and control systems.
“We are pleased to announce today the second version of our cyber security standard,” said Alex van Delft, Competence Manager Process Control at DSM and chairman of the WIB. “This is an important step in the ongoing process to improve the reliability of our critical manufacturing and production systems and provides end-users the ability to now communicate their expectations about the security of process automation, control and safety systems.”
“We are now entering a period of consequences”
With industrial networks being increasingly connected to the hostile IT world, and the frequency and sophistication of malware growing exponentially, industrial stakeholders must act today to protect their critical systems. Whether it is a targeted attack like Stuxnet, or an accidental disruption, a single cyber incident can cost millions of dollars in lost revenue, jeopardize employee and public safety and potentially disrupt national critical infrastructure.
“Our increasingly connected production systems are facing a growing threat on a daily basis and we must do all we can to ensure a safe and secure operational environment,” said Peter Kwaspen, Strategy & Development Manager, EMEA Control & Automation Systems at Shell Projects & Technology. “This document provides the common language we need to communicate our expectations around security to our suppliers and the framework to work together to help improve the overall security posture for our critical systems.”
“The security requirements outlined in the document went through a year of comments/revisions from over 50 global stakeholders and were subjected to a thorough pilot certification program over the last 8 months,” said Jos Menting, cyber security advisor GDF Suez Group. “We’ve now come to a truly functional cyber security standard based on the needs of end-users and it is now up to us, the end-users,