The new scenario of CYBER SECURITY
“Cybersecurity is the set of practices, processes and technologies designed to manage the cyberspace risk derived from the use, processing, storage and transmission of information used in organizations and industrial infrastructures, using the perspectives of people, processes and technologies” (Source: CCI)
Cybersecurity is a demand and an essential requirement in the growing and fast-paced IT markets and applications, extending from the demanding field of the new industry (eg 4.0) to current end-consumer environments and new applications of the Internet of Things ( IoT). Traditional approaches to compliance-oriented cybersecurity are obsolete and not sufficient. The growing demand is accompanied by a combination of real public cases of vulnerabilities and attacks on services and content, together with a confusing regulatory situation and standardized tools that allow the industry and its users to establish common criteria for protection and security against cyberthreats.
Despite this demand, security regulations for IT threats have not been able to adapt to the rapid evolution of the deployment of new services and industrial applications (eg: 27001 or 61508). Only in the most critical sectors, such as Aeronautics, Energy or special facilities, and forced by recent legislation (see GPDR, NIS, LPIC, etc …) have been established concise regulatory frameworks that allow a proper deployment of protections and tools to provide adequate levels of cybersecurity.
The vulnerabilities of SCADA systems in the industrial environment (system of supervision, control and data acquisition that helps to improve remote decision making from a cockpit in Industry 4.0.), The uncertainty on how to apply cybersecurity in Smarthome systems or IoT, the risks of implementing increasingly interconnected systems with a multitude of confidential data without a common security criterion have led to the development by the standardization bodies (IEC / ISA99) of a new family of standards that is much more flexible, adequate and powerful than the existing ones to date. The family of IEC 62443 standards unifies the security requirements (Safey & Security) demanded by the industry and the end user services.
The company has developed an application methodology based on IEC 62443 that allows the homologation and certification of IT systems and products, generating evidence of cybersecurity, reducing risks and allowing customers to differentiate with their systems and products against the competition and offering better benefits. to customers.
This post is also available in: Spanish