Industrial Cybersecurity Standards

Standards and regulations related to industrial cybersecurity fall into 3 different areas.

Several of them may have to be applied simultaneously, depending on the customer and on the geography in which we want to comply with the standard.

  1. International standards of industrial cybersecurity:
    a. ISA/IEC 62443
    b. NIST SP 800-82 Rev.2

  2. Regional industry regulations, critical infrastructure and services regulations, and sector-specific regulations (some examples):
    a. NERC CIP (Electrical Regulation for the United States)
    b. ANSSI (Electrical Regulation for France)
    c. ENS (Regulation of critical infrastructure in Spain)
    d. NCSC CAF Guidance (UK Critical Infrastructure Regulation)
    e. BSI (German Critical Infrastructure Regulation)
    f. Law 362/2019 (Regulation of critical infrastructure in Romania aligned with EU NIS Directive)

  3. Cybersecurity standards (some examples):
    a. ISO/IEC 27001:2013
    b. COBIT 2019
    c. OWASP
    d. NIST SP 800-53 Rev. 4
    e. CIS CSC
