The official rollout of the US Cybersecurity Framework, recognized this past Wednesday in an announcement delivered by President Barack Obama, represents the completion of a successful partnership effort among The White House, the Automation Federation and its founding organization, the International Society of Automation (ISA). Now, the second phase of the partnership—working together to implement the framework—begins.
The US Cybersecurity Framework, the result of a year-long initiative to develop a voluntary how-to guide for American industry and operators of critical infrastructure to strengthen their cyber defenses. is a key deliverable from the Executive Order on "Improving Critical Infrastructure Cybersecurity" that President Obama announced in his 2013 State of the Union address.
During the past year, representatives of the Automation Federation and ISA have been assisting the US government—at the White House's request—to help develop and refine a draft of the US Cybersecurity Framework. Both organizations were sought out as essential government advisors given their expertise in developing and advocating for industrial automation and control system (IACS) security standards. The ANSI/ISA99, Industrial Automation and Control Systems Security standards (known internationally as ISA99/IEC 62443), are recognized globally for their comprehensive, all-inclusive approach to IACS security.
ISA's IACS security standards are among the framework's recommendations because they're designed to prevent and mitigate potentially devastating cyber damage to industrial plant systems and networks—commonly used in transportation grids, power plants, water treatment facilities, and other vital industrial settings. Without these defenses in place, industrial cyberattack can result in plant shutdown, operational and equipment impairment, severe economic and environmental damage, and public endangerment.