Safety management staff are stakeholders of the CSMS, which stands for Cybersecurity Management System. The CSMS is a framework for managing the cybersecurity of industrial automation and control systems (IACS) based on the ISA/IEC 62443-2-1 standard [1]. The CSMS defines the objectives, policies, metrics, and governance for the overall ICS security program [2]. The CSMS also includes the processes for risk assessment, security design, implementation, monitoring, and improvement [3]. Safety management staff are involved in the CSMS development and implementation, as they are responsible for ensuring the safety of the IACS and the people, environment, and assets that depend on it. Safety management staff need to coordinate with the security management staff to align the safety and security requirements, identify and mitigate the safety risks arising from cyber threats, and monitor and respond to safety incidents caused by cyberattacks.

References:
1: ISA/IEC 62443-2-1: Establishing an Industrial Automation and Control Systems Security Program, ISA, 2010.
2: A Practical Approach to Adopting the IEC 62443 Standards - ISAGCA
3: ISA ISA-IEC-62443 ISA/IEC 62443 Cybersecurity Fundamentals Specialist Online Training - Exam4Training
4: Using the ISA/IEC 62443 Standards to Secure Your Control System, ISA, 2018.