COMPLIANCE

Applying the ISA/IEC 62443 Standards for IACS Security

What Are the ISA/IEC 62443 Standards?

The ISA/IEC 62443 series of standards was developed by the ISA99 Committee and the IEC Technical Committee 65/Working Group 10 to define requirements and processes for implementing and maintaining electronically secure IACS. These standards set best practices for security and provide a way to assess the level of security performance.

Maintaining compliance with ISA/IEC 62443 can help reduce the likelihood of cyberattacks and help avoid serious regulatory, financial and safety consequences while ensuring that operations are achieving comprehensive levels of ICS and cyber-physical security.

Which ISA/IEC 62443 Parts Does Nozomi Networks Support?

Our solution helps you implement Parts 2-1 and 3-3 of the standard.

View ISA/IEC 62443 Mapping Guide

Part 2-1: Risk Analysis

4.2
Risk Identification, Classification and Assessment
4.2.3.4
Identify the industrial automation and control systems
4.2.3.5
Develop simple network diagrams
4.2.3.6
Prioritize systems
4.2.3.7
Perform a detailed vulnerability assessment
4.2.3.9
Conduct a detailed risk assessment
4.2.3.12
Conduct risk assessments throughout the lifecycle of the IACS
4.2.3.13
Document the risk assessment
4.2.3.14
Maintain vulnerability assessment records
4.3
Addressing the Risks with Cybersecurity Management Systems
4.3.3.3.6
Protecting connections
4.3.3.3.7
Maintaining equipment assets
4.3.3.4.2
Employ isolation or segmentation on high-risk IACS
4.3.3.4.3
Block non-essential communications with barrier devices
4.3.3.5.7
Change default passwords
4.3.3.6.2
Authenticate all users before system use
4.3.3.6.3
Require strong authentication methods for system administration and application configuration
4.3.3.6.6
Develop a policy for remote login and connections
4.3.3.7.2
Establish appropriate logical and physical permission methods to access IACS devices
4.3.4.2.1
Managing IACS risk on an ongoing basis
4.3.3.2.2
Employ a common set of countermeasures
4.3.4.3.2
Develop and implement a change management system
4.3.4.3.7
Establish and document a patch management procedure
4.3.4.5.1
Implement an incident response plan
4.3.4.5.3
Establish a reporting procedure for unusual activities and events
4.3.4.5.6
Identify and response to incidents
4.3.4.5.7
Identify failed and successful cyber security breaches

Part 3-3: Systems security requirements and security levels

3.3.1.1
Human user identification and authentication
3.3.1.5
Authenticator Management
3.3.1.6
Wireless Access Management
3.3.1.7
Strength of password-based authentication
3.3.1.8
Public key infrastructure certificates
3.3.1.9
Strength of public key authentication
3.3.1.11
Access via untrusted networks
3.3.2.2
Wireless use control
3.3.2.3
Use control for portable and mobile devices
3.3.2.5
Session lock
3.3.2.6
Remote session termination
3.3.2.8
Auditable events
3.3.2.9
Audit storage capacity
3.3.2.11
Timestamps
3.3.3.1
Communications integrity
3.3.3.2
Malicious code protection
3.3.2.8
Human user identification and authentication
3.3.3.4
Software and information integrity
3.3.3.5
Input validation
3.3.3.8
Session integrity
3.3.4.1
Information confidentiality
3.3.4.3
Use of cryptography
3.3.5.1
Network segmentation
3.3.5.2
Zone boundary protection
3.3.5.3
General-purpose person-to-person communication restrictions
3.3.6.2
Continuous monitoring
3.3.7.1
Denial of service protection
3.3.7.2
Resource management
3.3.7.4
Control systems and recovery
3.3.7.5
Emergency power
3.3.7.6
Network and security configuration settings
3.3.7.8
Control system component inventory

How Does Nozomi Networks Support ISA/IEC 62443 Compliance?

Asset Visibility & Vulnerability Assessment

Nozomi Networks’ automated asset identification saves time and helps achieve a centralized view of all your OT & IoT assets.

Nozomi Networks’ comprehensive vulnerability analysis supports prioritized and efficient risk reduction efforts with actionable insights on remediation steps, patches and upgrades.

Learn More
Vantage vulnerability dashboard
Continuous Monitoring & Threat Detection

Our AI-driven network monitoring and threat detection quickly identifies any anomalous activity within OT and IoT environments to meet ISA/IEC 62433 monitoring requirements.

Learn more
Vantage alert
ISA/IEC 62443 Reporting


Our content packs feature makes it easy to measure compliance with standards and best practices, including ISA/IEC 62433.

Download ISA Content Pack
ISA IEC 62443 content pack

Why Choose Nozomi Networks for ISA/IEC 62443 Compliance?

Relationships

We truly value our customers and take pride in having the industry’s highest customer retention rate. But don’t take our word for it. Read why our customers rank us #1 on Gartner Peer Reviews here.

OT Expertise

Our solution was born in OT and supports hundreds of protocols for passive discovery, as well as smart polling, an endpoint security sensor, and a wireless monitoring sensor, making the flexibility and depth of our asset management and anomaly detection capabilities unmatched.

Robust Data Reporting

Our Dashboards and Content Packs allow users to quickly create a shareable format for the data they need to benchmark progress when applying the ISA/IEC 62443 standards in their OT environments.

Take the next step.

Discover how easy it is to identify and respond to cyber threats by automating your IoT and OT asset discovery, inventory, and management.