Skip to content
ISA/IEC 62443 Quick Start Guide Start Reading
About Contact News & Events

2025
YEAR IN REVIEW

 

The ISA Global Cybersecurity Alliance (ISAGCA) is a collaborative forum to advance OT cybersecurity awareness, education, readiness, standardization and knowledge sharing, underscoring the broad applicability of the ISA/IEC 62443 series of standards.

The voice of ISAGCA is global, with members from more than 2,400 combined worldwide locations and 31 industries. 

Key Focus Areas

Promote

Awareness of ISA/IEC62443

Grow

Adoption of ISA/IEC 62443

Expand

ICS4ICS programming

Promote Awareness of ISA/IEC 62443

OTCS-infographic listing 250 attendees, 40 speakers, 35 sessions and workshops for IC32 and IC33.
OT Cybersecurity Summit

ISAGCA was a sponsor of the 2025 OT Cybersecurity Summit in Brussels, with presentations and panels, including a popular panel with Eloise Ryon (Schnieder Electric), Lukasz Kister (Honeywell) and Steve Ferguson (ISA) on CRA and ISA/IEC 62443. Additionally, ISAGCA’s Incident Command System for Industrial Control Systems (ICS4ICS) collected feedback one day and conducted a full-day workshop the next day.

Webinars, Whitepapers and Presentations

Late Spring, ISAGCA sponsored a webinar, "A Whitepaper Review: NERC CIP & ISA/IEC 62443 Comparative Analysis" with Mark DeAngelo (ISASecure) and Tobias Whitney (Cumulys) in follow-up to our 2024 whitepaper.

June 2025 saw the release of ISAGCA’s paper, "Securing Operational Technology: Understanding the ISA/IEC 62443 Series of Standards from an ISO/IEC 27001 and ISO/IEC 27002 Perspective."

Member, Markus Wunsche (Eaton) presented on the "European Union Legislative Landscape" via a webinar, which was an update on his 2024 webinar.

FM Approvals, Nejra Lalic, Business Development Engineer, in October, explained the "CRA & RED Compliance, Timelines and Impact."

And, we closed our 2025 strong with a webinar panel discussion on "Securing Critical Infrastructure Enabled by Secure by Operations Principles" with Anna Damon (Schneider Electric), Ciaran Murphy (Neodyne), Frank Sanjay (Eaton), Ivan Savov (ERPI) and Phillip Page (Nozomi Networks).

Securing Operational Technology

Understanding the ISA/IEC 62443 Series of Standards from an ISO/IEC 27001 & ISO/IEC 27002 Perspective.

Secure Software Development Framework

Comparison of ISA/IEC 62443-4-1 and NIST SP 800-218.

AI Risks to Critical Infrastructure

Briefing of AI Critical infrastructure.

ISAGCA-map2-1
Leveraging Global Industry Forums to Raise Awareness

From an Awareness and Outreach perspective, ISAGCA members did an incredible job with speaking engagements, editorial placements and media mentions throughout the world, significantly surpassing goals.  In 2025, ISAGCA continued to target opportunities to amplify awareness of ISA/IEC 62443 globally.  

ISA exhibited at or had speakers at:

S4, ARC Forum, IOT World Congress, Automate, SPAB, CS2AI, CyberEx, AIChE, CS4CA, OT.SEC.CON, Cybersec, Critical Effect, ICC/NIBS, Honeywell HUG, SEMICON, SEMICON West, WEFTEC, LEHI, Global Imp 

Maximizing Visibility with Comprehensive Content

ISAGCA continued bringing exposure to cybersecurity topics and ISA/IEC 62443 in 2025 through insightful, knowledge-driven blog articles and website content. Exceeding its goal, ISAGCA brought in over 156k website views and more than 101k blog views. Popular blog topics covered a range of technical topics to include:

Publications - Annual Report 2025

Growth Adoption of ISA/IEC 62443

2025 Government and Industry Collaboration Updates

In 2025, we continued collaborating with the Idaho National Laboratory (INL), the National Institute of Standards and Technology (NIST), the National Initiative for Cybersecurity Education (NICE), the Department of Energy (DOE), the Department of Defense (DOD), Homeland Security, the Transportation Security Administration (TSA), the Office of Cybersecurity, Energy Security, and Emergency Response (CESAR) and the North American Electric Reliability Corporation (NERC). Members also provided valuable feedback and timely updates on the European Union's (EU) ongoing work on the Cyber Resilience Act (CRA) and the Radio Equipment Directive (RED).

CISA Document Incorporates ISA/IEC 62443 Standards

ISA/IEC 62443 have been incorporated into the US's Cybersecurity and Infrastructure Security Agency (CISA)’s document, “Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators.”

ISAGCA Continues to Amplify Awareness of ISA/IEC 62443 Globally

In 2025, we saw Australia adopt ISA/IEC 62443 nationwide. The Australian announcement cites several specific benefits to adoption, including protection of public health by helping to reduce the risk of system failures caused by cyberattacks; support of social stability by safeguarding the essential services communities rely on; boosting economic opportunities by allowing consumers to safely participate in energy markets, such as selling power back to the grid; and reducing reputational risk by minimizing the chance of prolonged outages and public fallout for organizations managing critical infrastructure.

ISAGCA Members Continue to Gain Cybersecurity Certification from ISA Training

In the first quarter of 2026, ISASecure will roll out the OT Industrial Automation Control Systems Cybersecurity Assessment (ACSSA) scheme. It evaluates individual automation and control systems that are in the operation and maintenance phase of their security lifecycle at end user sites. The scope includes all types of automation and control systems in all industries, beginning with traditional process industries and adjacent industries in critical infrastructure like oil and gas, chemicals and water/wastewater. ISAGCA members will receive a discount on the ISASecure ACSSA for Evaluators (IC49), a 3-day training course. ISAGCA members also receive a discount on ISA cybersecurity self-study, modular "M" courses, including IC32M, IC33, IC34M, IC37M and IC46M. Learn More.

Expand ICS4ICS Programming 

ICS4ICS Logo - Color RGB

The Incident Command System for Industrial Control Systems (ICS4ICS) program is designed to improve management of cybersecurity incidents that impact industry. In 2025, we:

  • Created/updated ICS4ICS resources: Version 4 (2025) ICS4ICS exercise materials and video; various ICS4ICS procedure templates and guides
  • Hosted nine industry sector-specific and ICS4ICS educational webinars: space; pipeline; higher education; power generation; metals; battery; staffing ICS4ICS/CIRT; ISA OT Cybersecurity Summit (ICS) and ISA Automation Summit & Expo (ASE)
  • Developed other webinars for delivery in 1Q 2026: Promoting ICS4ICS to business; aviation; water utilities including small and large; and a technical incident response exercise
  • Presented ICS4ICS to several audiences to create awareness and engage parties to assist with the ICS4ICS mission
  • Assisted people to create 150+ ICS4ICS credentialled for roles 
  • Developed plan to generate revenue for ISA from ICS4ICS licenses:  ICS4ICS consulting services; ICS4ICS subscription to ICS4ICS/CIRT planning capabilities; and ICS4ICS training and exercise (up to 3-day) events

Additionally, ICS4ICS conducted an all-day workshop at ISA’s ASE in Orlando, FL, USA in October 2025.

2025 ISAGCA Members