TI Safe

Class | Support & Admin | DL | Hub |

People

Policies

Automation Security Policy

Industrial governance must be implemented in accordance with the good practices of ISA / IEC 62443, NIST 800-82 and NERC-CIP, among others. The first step in establishing governance is the development and implementation of a set of security policies specific to the automation area. The Automation Security Policy is an instrument designed to establish rules for the use, control and adequate protection of the automation environment and the assets that make up this environment, preserving its availability, integrity and confidentiality and ensuring business continuity and competitiveness.

Figure: Example of a set of documents that form an industrial automation security policy

 

Composed of a set of documents with standards and technical guidelines for industrial automation security that deal with the strategic aspects of the organization and its policy on key issues for governance, the policy details security controls for key items such as edge security, the industrial network protection, the data securitythe combat malware and education of users about cybersecurity. The policy must be in line with the company's strategic planning and in compliance with current standards and best practices, such as IEC 62443 and NIST 800-82. TI Safe's consultants understand that each customer has their needs, unique characteristics, so each policy is prepared in conjunction with those responsible for the automation plant in order to remain aligned with the company's vision.