Independent Certification - an Essential Element of Effective Cybersecurity Programs

Author photo: Eric Cosman
ByEric Cosman
Category:
ARC Report Abstract

As described in a previous Insight, end users face significant challenges in ensuring the security of their industrial automation systems.  The complexity of the subject can impede many organizations to a significant degree.  It is unrealistic to expect plant operations staff to be experts in cybersecurity.  While they are likely to be familiar with the need for risk assessment and the possible consequences, cybersecurity threats and vulnerabilities evolve rapidly and are often not well understood without help from experts in the field.  Identifying, assessing, and selecting specific products and technologies to address them may also require specialized expertise and relevant experience.

Industry standards and practices define what is required for effective cybersecurity.  But these are often very detailed and written in arcane language.  Other sources of guidance, such as those available from NIST, may or may not be relevant for the specific domain or industry in question.

End users require a straightforward way to assess people, processes and technology to determine and verify conformance to the requirements provided by the standards.  And they should be able to do so without having to read and absorb what can be thousands of pages of detailed requirements.

Independent certification could meet this need, making it an essential element of the cybersecurity response.

ARC Advisory Group clients can view the complete report at ARC Client Portal on Office 365 or Box.com

If you would like to buy this report or obtain information about how to become a client, please Contact Us    

Keywords: Standards, Certification, Certificates, Cybersecurity, Industrial Automation Systems, ARC Advisory Group.

 

Engage with ARC Advisory Group

Representative End User Clients
Representative Automation Clients
Representative Software Clients