- May 20, 2021
- Research Triangle Park, North Carolina
ISA Global Cybersecurity Alliance Members Schneider Electric, 1898 & Co., Dragos, and Idaho National Laboratory will serve as members of the international Operational Technology Cybersecurity Expert Panel appointed by the Cyber Security Agency of Singapore (CSA).
“Around the world, countries are planning their approaches to the persistent and significant cybersecurity threats to critical infrastructure and industrial operations,” said ISA Global Cybersecurity Alliance Managing Director Andre Ristaino. “The US government is also painfully aware of the importance of protecting critical infrastructure, as highlighted by the recent attack on the Colonial Pipeline. This incident is only a wake-up call if you haven’t been paying attention. Our organizations have been advocating for smarter cybersecurity approaches for a decade or more through our standards committee, certification body, and most recently, the founding of the ISA Global Cybersecurity Alliance. Nearly 50 member companies, acting individually and as a group, are serving as subject matter experts in nearly every world region to drive adoption and usage of the ISA/IEC 62443 series of standards as the foundational basis for assessing and managing cybersecurity risk across all industry sectors.”
Singapore’s approach to global concerns over cybersecurity includes a defined plan created by their government and the country’s Cyber Security Agency (CSA.) CSA launched its OT Cybersecurity Masterplan in 2019, providing guidance to professionals working in OT environments with a focus on security industrial control systems. The three objectives of the masterplan are:
- To create awareness of the OT challenges faced across industries within Singapore
- To align the efforts of OT cybersecurity initiatives and to address cyber-threats, including a recommendation to leverage the ISA/IEC 62443 series of standards within the Cybersecurity Code of Practice (CCOP) as one of the key components of a strong cybersecurity approach
- To guide the development of effective cybersecurity initiatives, solutions, and to encourage partnerships with industry leaders and stakeholders
The international Operational Technology Cybersecurity Expert Panel will discuss issues ranging from governance policies and processes, evolving operational technology technologies, emerging trends, capability development, supply chain, threat intelligence information sharing, and incident response. The panel will facilitate the sharing of information between the public and private sectors with a goal of strengthening local cybersecurity capabilities and competencies, protecting critical infrastructure sectors, including energy, water, and transport.
The 11 panel members are:
- Marco (Marc) Ayala from the US, and is Director of Industrial Control System Cybersecurity (ICS) and sector lead at 1898 & Co, part of Burns & McDonnell
- Christophe Blassiau from France, an executive member of the WEF Cyber Resilience in Electricity and Oil and Gas Communities, and senior vice-president for cybersecurity and global chief information security officer at Schneider Electric
- Eric Byres from the US, chief executive officer of aDolus Technology, and senior partner at ICS Secure;
- Robert Hannigan from Britain, the chairman of BlueVoyant;
- Dr. Ong Chen Hui from Singapore, the cluster director for the BizTech Group at the Infocomm Media Development Authority;
- Joel Thomas Langill from the US, a managing member of the Industrial Control System Cyber Security Institute, and founder of Scadahacker;
- Robert Lee from the US, chief executive officer and co-founder of Dragos;
- Dale Peterson from the US, founder and chairman of S4 Events, and founder and chief executive officer of Digital Bond;
- Maggy Powell from the US, principal industry specialist at Amazon Web Services;
- Zachary Tudor from the US, associate laboratory director at the Idaho National Laboratory's National and Homeland Security Science and Technology Directorate; and
- Kazuo Yamaoka from Japan, senior solution architect at NTT Security Japan.
Singapore's operational technology cybersecurity practitioners, operators, researchers and policymakers from the Government, critical information infrastructure (CII) sectors, academia, and other operational technology industries will have direct access to the experts, leveraging their knowledge to shape codes of practice, strategies for training Singapore’s workforce, the proliferation of compliance programs for devices, components, and systems, and more.
In 2019, the ISA Security Compliance Institute announced an agreement with TÜV SÜD PSB, the German training, testing, and certification giant, to conduct certification assessments using ISASecure certification specifications in South East Asia. Simultaneously, the Singapore Accreditation Council (SAC) and ISA signed a Memorandum of Understanding to provide certification body accreditations for the ISASecure® cybersecurity certification programs in the region, including the second certification body DNV GL whose Singapore office has also signed on as an ISASecure CB.
Founded in 2007, the ISA Security Compliance Institute’s mission is to provide the highest level of assurance possible for the cybersecurity of automation control systems. ISCI has been conducting ISASecure® certifications on automation and control systems since 2011 through its network of ISO/IEC 17065 accredited certification bodies. The Institute was established by thought leaders from major organizations in the automation controls community seeking to improve the cybersecurity posture of critical infrastructure for generations to come. Prominent ISASecure supporters include Chevron, ExxonMobil, Saudi Aramco, Shell, ABB, Emerson, Honeywell, Schneider Electric, TUV Rheinland, Yokogawa, YPF, exida, GE Digital, Synopsis, CSSC, CSA Group, IPA-Japan, and others.