ISA Interchange

Welcome to the official blog of the International Society of Automation (ISA).

This blog covers numerous topics on industrial automation such as operations & management, continuous & batch processing, connectivity, manufacturing & machine control, and Industry 4.0.

The material and information contained on this website is for general information purposes only. ISA blog posts may be authored by ISA staff and guest authors from the automation community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

All Posts

“SBOMs Away”—ISA’s Inaugural Podcast is Live

PodomationISA’s original podcast covering all things automation and cybersecuritylaunched its inaugural episode highlighting the topic of SBOM, or software bill of materials, last month. The podcast plans to continuously bring in guests who are subject matter experts from throughout the industrial automation community.

Podomation’s July-released episode was recorded live at the OT Cybersecurity Summit in Aberdeen, Scotland. OT Cybersecurity Summit welcomed over 120 training and conference delegates to Aberdeen, selecting the location given the city’s strategic position in the energy sector.

ISA’s own Morgan Foor facilitated the educational conversation between Chris Blask (Vice President of Strategy, Cybeats), Steve Mustard (ISA Treasurer and President of National Automation, Inc.), and Cheri Caddy (Deputy Director at the US Office of the National Cyber Director at the White House). Blask, Mustard, and Caddy broke down the importance of SBOM and how it impacts software supply chain risk management.

 

Keynote Speaker Cheri Caddywho has worked on supply chain issues for years for the federal governmentshares that she’s excited about how the conversation surrounding SBOM is advancing quickly. Like all cybersecurity issues that impact critical infrastructure, Caddy shares that SBOM is challenging and complex.

The ISA/IEC 62443 series of standards “is all about what needs to be done and not how, which is deliberate, as the standards are all about what needs to be done without being prescriptive about technology or vendor” adds Mustard. “There is a huge opportunity for addressing this requirement,” he continues, and explains how from a future policy standpoint, transparency is going to be imperative in the future.

Foor further explains that according to Dr. Allan Friedman (Director of Cybersecurity Initiatives at the National Telecommunications and Information Administration), another speaker at the OT Cybersecurity Summit, the average pickup truck now has more coding in it than some of the retired spaceships. With that in mind, it becomes more important to have a deep understanding of the complexity of products, systems, and services that make up critical infrastructure sites and systems.

The first Podomation episode culminates with a thought-provoking question posed to the experts, “What is a security spectrum that we can rely on, not necessarily wanting to be the most secure or the low-hanging fruit? Where do you want to be?”

Blask, Mustard, and Caddy discuss how first it depends on who you are and if you’re regulated, and how optimally, the baseline of cybersecurity across the board would be raised for everyone. Also, the panelists discussed how cybersecurity is indeed a spectrum with each organization’s tolerance for risk as a key factor. At a minimum, you don’t want to overlook the basic elements of cyber-hygiene, and the population should be encouraged to raise this on a basic level.

The experts discussed how it can and should be clearer about what controls should be in place to ensure security, and fortunately there are globally recognized standards and conformance programs in place to do just that. The bottom line is that transparency in the supply chainand in cybersecurity overall­is simply imperative.

Are you interested in being a guest on Podomation, or in advertising during one of our upcoming episodes? Feel free to send us a note at podomation@isa.org.   Subscribe wherever you listen to podcasts to see new episodes as soon as they are available. Future topics include industry 4.0, digital transformation, manufacturing and machine control, connectivity and cybersecurity for operational technology, and continuous batch processing.

Some Podomation episodes will be live from ISA events, and others recorded in studio. striving to continuously focus on the critical role that automation plays in making the world a better place, as well as the variety of ways that our community is making a difference.

Ashley Ragan
Ashley Ragan
Ashley is Digital Content Specialist at the International Society of Automation (ISA).

Related Posts

Ask the Automation Pros: The Use of Artificial Intelligence in Process Control

The following discussion is part of an occasional series, "Ask the Automation Pros," authored by Greg McM...
Greg McMillan Nov 12, 2024 4:30:00 PM

Protecting Electrical Terminal Blocks From Tampering

Electrical terminal blocks are a common sight in the automation world. Usually mounted on DIN rail in ind...
Anna Goncharova Nov 8, 2024 10:30:00 AM

How to Access ISA Technical Content

You Have Questions? ISA Has Answers. Serving up member-generated technical content related to standards, ...
Renee Bassett Nov 5, 2024 7:00:00 AM