The United Nations Economic Commission for Europe (UNECE) has confirmed it will integrate the widely used ISA/IEC 62443 series of standards into its forthcoming Common Regulatory Framework on Cybersecurity (CRF). The CRF will serve as an official UN policy position statement for Europe.
At its recent annual meeting in Geneva, UNECE’s Working Party on Regulatory Cooperation and Standardization Policies recognized the ISA99 standards development committee for its leading role in conceiving and developing the widely used standards, while formally accepting review input presented on behalf of ISA99 by committee member Pierre Kobes of Siemens.
The ISA/IEC 62443 standards are developed primarily by the ISA99 committee of the International Society of Automation (ISA), with simultaneous review and adoption by the Geneva-based International Electrotechnical Commission. ISA99 draws on the input of cybersecurity experts across the globe in developing consensus standards that are applicable to all industry sectors and critical infrastructure, providing a flexible and comprehensive framework to address and mitigate current and future security vulnerabilities in industrial automation and control systems.
“The Common Regulatory Framework will serve to establish a common legislative basis for cybersecurity practices within the massive EU trade markets,” points out Glenn Merrell of Industrial Control System Security. “This formal recognition is greatly valued and appreciated as another important validation of the industry-leading work of the experts on ISA99 who have contributed their knowledge and time in developing the ISA/IEC 62443 series,” adds Merrell, an ISA Certified Automation Professional® (CAP®) who was instrumental in representing ISA99 to UNECE.
“This recognition reflects the growing and widespread adoption of ISA/IEC 62443 by government organizations and manufacturing sectors throughout the world,” emphasizes ISA Executive Director Mary Ramsey. “Beyond our role as a global standards developer, ISA is fully cognizant of and has prioritized our responsibility as an international nonprofit association of automation professionals to support and advance the understanding and application of these critical standards through our supplier-neutral cybersecurity education and training programs, developed with guidance from leading ISA99 experts.”