OT/IT connections and IEC 62443 standardization main themes during Industrial Cyber Security event 2023

The industry has three important reasons to pay a lot of attention to cyber security within and outside the company. During the Industrial Cyber Security event on October 10 in Den Bosch, speakers will discuss a number of current themes surrounding cyber security, including the consequences of the NIS 2 and the importance of the IEC 62443 standard and the challenges in the connection between OT and IT.

Cybersecurity is high on the agenda in the industry, because it is crucial to ensure the continuity of business processes.

Cyber attacks can lead to operational disruptions. Consider shutting down production lines, disrupting logistics networks and causing communication disruptions.

These disruptions can cause significant financial losses and hinder the delivery of products and services to customers. By implementing strong security measures, companies can increase their resilience against cyber attacks and minimize the impact of any breaches.

In addition, the protection of company information and intellectual property is also important. Think of customer information, product designs and business strategies. Without sufficient security measures, cyber criminals can make off with this information.

Finally, cybersecurity is of great importance in the industry due to increasing regulations and customer expectations in this area.

Relatively new is the Network and Information Security (NIS2) directive. This directive should improve the digital and economic resilience of European member states. NIS2 expands the scope compared to the original NIS guideline from 2016. More sectors and services are now covered by the requirements, such as postal, waste, chemicals, food, digital service providers and government agencies. There will be a mandatory reporting obligation for cybersecurity incidents that pose a potential risk to the provision of services. There will also be sanctions for companies that do not comply with the directive. This should ensure that the directive is actually complied with.

IEC 62443 is important for industry. The standard provides a framework to improve the cybersecurity of Industrial Control Systems (ICS). These are systems for monitoring and controlling industrial processes, such as in production, energy supply, water purification, etc. Because ICS systems are often crucial for the proper functioning of the processes, cybersecurity is extra important here.

During the Industrial Cyber Security event, speakers from Kiwa Netherlands, TÜV Nord Netherlands and Hudson Cybertec will discuss the implementation of IEC 62443. Because this standard applies to the entire chain: from product supplier and installer to asset owner.

Another recurring theme is the challenge of making the connection between OT and IT systems as secure as possible. For example, the problem of incompatible protocols often arises and linking OT with IT creates an increased attack surface for malicious parties. Active monitoring of OT systems is also not always in order, while unpatched legacy software can also throw a spanner in the works.

During his keynote, Maurice Snoeren, OT security officer at RWE, will discuss how the OT environment can be better secured using data diodes. Ard Roelvink (Batenburg Industrial Automation) also addresses the question of how crucial infrastructure on the OT and IT side can be shielded.

Interested in these themes? Register for free to visit it Industrial Cyber Security event on October 10 at the 1931 conference center in Den Bosch.