Cybersecurity is a vital issue for industrial systems and facilities, as cyberattacks can have severe consequences for the affected organizations, their supply chains, and even public safety. The EU’s NIS2 (Network and Information Security) Directive is a new regulatory framework for information security in critical industries. It defines what needs to be achieved in terms of information security, but not how or which kinds of technical measures or technologies should be employed.
Establishing NIS2 compliance
The industrial cybersecurity standard IEC 62443 provides a comprehensive framework for the security of industrial automation and control systems (IACS), covering the entire lifecycle of these systems. IEC 62443 defines processes and requirements for implementation and operation of secure systems that can be used as the technical basis for NIS2 compliance.
In an article for German trade magazine “Computer und Automation”, our colleagues Georg Stöger, Director Training & Consulting at TTTech Industrial, and Sascha Hönigsberger discuss:
- The background and focus of NIS2: Reviewing which requirements must be complied with and the importance of risk management.
- The IEC 62443 standard: A backbone for implementing NIS2 compliant processes and systems based on risk assessment, security measures, and monitoring mechanisms for securing critical infrastructure against cyberattacks.
- The benefits of edge computing and an IIoT platform solution for industrial cybersecurity: How local processing and platform architectures support secure connectivity and secure remote access to industrial assets on the shop floor.
- Nerve – TTTech Industrial’s IIoT platform for machine builders that meets the process certifications according to IEC 62443
If you want to find out more about cybersecurity in industrial systems and the connection between NIS2 compliance and IEC 62443, check out the full article (in German):