Insufficient security is careless, too much security is inefficient.
Recent surveys point out that the fear of cyber attacks is one of the three biggest business risks. Cloud, privacy protection, mobility or the internet of things are important drivers for pushing changes in the field of IT Security in industrial environments. Without IT Security the Industrial Internet of Things will not be accepted.
The importance of protection concepts is growing with increasing external attacks. Operators of critical infrastructure have to maintain minimum standards of IT Security and to protect their installations against cyber-attacks. Effective protection concepts can only be implemented with a range of organizational and technical measures. Product suppliers, system integrators, and operators have to work together to deploy holistic protection solutions.
The series of standards IEC 62443 is focused on the support of holistic solutions for the protection of industrial systems and addresses all involved stakeholders. Correspondingly IEC 62443 is perceived as complex. This guideline has the aim to simplify the approach to the deployment of protection concepts by giving an overview about IEC 62443, summarizing the ideas and concepts, and illustrating practical solutions.