As mentioned in the previous blog, IEC 62443-2-1 specifies the requirement of the Cyber Security Management System for IACS which the asset owner can build on. For example, one of the CSMS elements, “selected security countermeasures”, provides useful information to the asset owner on understanding some common security countermeasures used in the systems, whose security capability will be assessed per IEC 62443-3-3.
Another important note is that IEC 62443-2-1 builds on the guidance in ISO/IEC 17799 (revised by ISO/IEC 27002) and ISO/IEC 27001. It encourages users of this standard to read ISO/IEC 27002 and ISO/IEC 27001 for additional supporting information. Also, Annex C of IEC 62443-2-1 provides a mapping of its requirements to ISO/IEC 27001.
Seeing the importance of ISO/IEC 27001 to understand IEC 62443-2-1, we have scheduled ISO/IEC 27001 courses in 2021 and the first session will be on 18-22 January 2021. View our course schedule here and contact us for more information!