ISA Provides Guidance to Newsweek Vantage Report on Cyber Risks to Critical Infrastructure

April 6, 2020

The International Society of Automation (ISA) recently served as the expert partner for an independent report from Newsweek Vantage on cyber risks to critical infrastructure.

The report, titled “Weathering the Perfect Storm: Securing the Cyber-Physical Systems of Critical Infrastructure,” surveyed 415 executives at critical infrastructure organizations to learn whether they are taking a holistic approach to security for operations technology (OT) and information technology (IT). Among other takeaways, the survey found that a holistic approach is a priority for most—and that more than a third of respondents said a cyber breach was the motivating factor.

ISA is the industry expert on standards for automation cybersecurity for OT systems. The ISA/IEC 62443 Series of Standards is the world’s only consensus-based series of standards on automation cybersecurity.

“We’re proud to provide guidance as an expert partner with Newsweek Vantage on this independent report,” said Mary Ramsey, ISA executive director. “The security of critical infrastructure is complex by nature, and we believe research like this is an important part of understanding where the industry can improve as a whole.”

Other key findings from the report include:

  •  –   IT and OT still don’t play well together at many organizations, despite years of effort. Nearly a third of respondents said the primary obstacle is cultural—in other words, that employees are resistant to change.
  •  –   Nearly every executive surveyed said their organization had experienced a security breach within the last year. Almost two-thirds said IT systems were the source of vulnerability leading to at least one of their incidents. A third also attributed their vulnerability to a lack of IT/OT integration, and a quarter added that a lack of secure physical access controls contributed to system vulnerabilities as well.
  •  –   Most organizations are at least partway along the path to IT/OT convergence. 68 percent of respondents said their organizations have integrated some of their OT, IT, and physical systems, and are still working on others. Far fewer—20 percent—have already integrated everything, and fewer still—only 11 percent—have not integrated anything.

Eric Cosman, a consulting engineer and the 2020 ISA president, as well as Steve Mustard, an independent consultant and the incoming 2021 ISA president, also contributed to the report as subject-matter experts.

“It was a privilege to represent ISA and the automation community in providing input to the Newsweek Vantage report,” Cosman said. “Vehicles such as this provide us with an opportunity to reach a much broader audience and raise the awareness of the risks faced by our critical infrastructure. Asset owners must take the time to fully understand the consequence component of this risk and plan their response accordingly using standards, practices, and other resources available to them.”

“The Newsweek Vantage report is the end product of an important piece of research, of which I am very proud to have been a part,” Mustard says. “ISA has long understood the risks to critical infrastructure from cybersecurity incidents, and having the opportunity to be part of this work has allowed us to share our message much further. Although the report shows we still have a long way to go before industry fully embraces the challenge, it provides clear evidence of the need to do so.”

Improving automation cybersecurity across all industries is a central part of ISA’s mission. It created the ISA Global Cybersecurity Alliance ( to advance cybersecurity readiness and awareness in manufacturing and critical infrastructure facilities and processes. It also offers a suite of automation cybersecurity training, including certificate programs.

The full Newsweek Vantage report is available for download here.


Related Articles

Editor’s Pick: Featured Article

Weidmüller’s u-control 2000: The Automation Controller

Weidmüller’s u-control 2000: The Automation Controller

Weidmüller’s scalable engineering software, u-control 2000, adapts individually to your requirements. And, the u-control is powerful, compact and fully compatible with Weidmüller’s I/O system u-remote. This article looks at what makes u-control the heart of your automation.

Programmable logic controllers (PLCs) are one of the main components of any automated system. A typical control system has inputs, outputs, controllers (i.e., PLCs), and some type of human interaction with the system, a human machine interface (HMI), for example.

Read More

Latest Articles

  • How the OS33C Safety Scanner is Making Workplaces Safer and More Efficient

    June 18, 2024 In today’s fast-paced and demanding industrial environments, ensuring workplace safety and operational efficiency is paramount. However, customers often face a range of challenges that hinder their productivity and increase costs. Enter the OS33C Safety Scanner, a revolutionary solution that addresses these issues head-on, making workplaces safer and more efficient than ever before…. Read More…

  • Ensure Food Safety With Clean Compressed Air

    June 11, 2024 Current Good Manufacturing Practices (cGMP), which fall under the Food Safety Modernization Act (FSMA), stipulate the cleanability and cross-contamination standards that food processing plants must follow, ensuring food is safe for consumption. One easy way to meet cGMP and FSMA guidelines is to upgrade your pneumatic systems with proper air filtration systems…. Read More…