brand

ISA / IEC 62443-2-4 Certification

Projects › ISA / IEC 62443-2-4 Certification

Fores Engineering has recently achieved the prestigious ISA / IEC 62443-2-4 Security program requirements for IACS service providers certification, a result that reflects our strategic investments in OT Cyber Security and our commitment to consolidating expertise and improving business processes.

Achieving this certification marks a significant milestone in our journey to strengthen our position in the Automation, Telecom & Security market by enhancing our internal cross-functional competencies.

The certification was obtained through the consolidation of our experience and know-how in significant projects, enabling us to safely manage the convergence between operational/industrial risk areas and OT/IT technologies.

The achievement reflects our commitment to the security and integrity of industrial systems and represents a fundamental step towards Fores’ future capabilities in continuing to provide highly technological integrated systems that keep pace with the market.

 

 

Applicable capabilities:

Processes for integrated management of industrial Cybersecurity in projects (ISA / IEC 62443-2-4) to support our clients

Supporting companies in complying with legal requirements for industrial plants (NIS 2), including:

  • Implementing IT / Enterprise guidelines within the plant management context (ISO 27001 / NIST CSF)
  • Identifying assets, security architecture, and establishing (or improving) dedicated registers
  • Evaluating (or improving) the current performance of plant systems and procedures’ security Supporting the maintenance, monitoring, or updating/review of identified risk scenarios
  • Evaluating impacts and integration strategies for Safety / Security IEC 61511 / 62443
  • Support for managing and classifying cyber incidents within the plant (Sorint SEC / 2nd level)

 

Maintenance of security and integrity of industrial systems:

  • Evaluation of third-party security/access capabilities involved in the management and supply of systems
  • Network and Endpoint security
  • System patching and vulnerability management
  • Backup and recovery scenarios
  • Cyber-Incident management
  • System log management and analysis
  • Tracking and auditing of security controls for insurance or compliance purposes

Training:

  • Training plant personnel
  • Preparation of supplemental materials for HSE workshops/meetings
  • Training on cyber-incident scenarios and anomaly identification