Guideline Industrial Security

Insufficient security is careless, too much security is inefficient. Recent surveys point out that the fear of cyber attacks is one of the three biggest business risks. Digitalization based on cloud computing, mobility or the internet of things are important drivers for pushing productivity in industrial environments. Cybersecurity is a prerequisite for digitalization in the industry. The importance of security protection concepts is growing with increasing external attacks. Operators of critical infrastructure have to maintain minimum standards and to protect their installations against cyber-attacks. Cybersecurity requires a holistic approach. Effective protection concepts can only be implemented with a range of organizational and technical measures. Product suppliers, system integrators, and operators have to work together to deploy holistic protection solutions. The new edition describes the security protection scheme in much more detail. A holistic protection includes a combination of technology, process, and people aspects for the protection of industrial facilities during operation. The series of standards IEC 62443 supports the development of holistic solutions for the protection of industrial facilities and addresses all involved actors. Correspondingly IEC 62443 is perceived as complex. This guideline has the aim to simplify the approach to the deployment of protection concepts by giving an overview about IEC 62443, summarizing the ideas and concepts, and illustrating practical solutions.