Yokogawa is proud that Cybersecurity Consultant Mark Hellinghuizer passed all ISA/IEC 62443 exams this summer. With this, he has achieved the desired Cybersecurity Expert status. A good reason to ask Mark a few questions about this!
Yokogawa stimulates cybersecurity training programmes among its specialists
As part of Yokogawa's ongoing efforts to meet the growing needs of its customers in the field of securing industrial control systems, Yokogawa encourages the cybersecurity team to continue its development. For example, by following the ISA99 Industrial Automation and Control Systems Security certification programme of the ISA standardisation organisation. The programme is specially designed for professionals involved in IT and control system security roles.
ISA/IEC 62443 cybersecurity certificates are awarded to those who successfully complete the training programme and pass the exams offered through the Prometric test centres.
What have you done to achieve cybersecurity expert status?
Mark: 'I followed all four training courses online last summer, which I found more practical than the classroom training sessions. That meant that I watched videos three days in a row per certificate and took gained knowledge. Then I learned two extra days after which I took the exams that I passed all four at once. So, it took me roughly twenty-two days'.
How special is this?
‘A lot of cyber security specialists work for Yokogawa, so I don't know exactly, but what I do know is that the combination I have with CISSP and GISCP is quite unique! I have to say that I found CISSP to be the most challenging of all the cybersecurity courses I have followed. For that certificate, you really have to acquire knowledge of many different components, from legislation, security management to fire protection'.
Do you need to maintain this cybersecurity expert status?
‘Of course, as a cyber security expert you never stand still, just like the hackers who are constantly coming up with new entrances for a cyber-attack. The advantage of a training programme is that if you want to retain your certificates, you need to keep your knowledge up to date. I collect credits for this throughout the year. By attending training courses, reading books and attending webinars or events.’
What are the benefits for Yokogawa's customers of having this knowledge in-house?
‘As a security manager or plant manager, you want a safe factory that is protected against cyber-attacks by hackers. After all, not only in IT, but also in the OT, cybercrime is an increasing threat. The ISA/IEC 62443 has become an important standard in the industry to counter this threat. With the knowledge I have now gathered together with our years of experience, we know even better what you need to do to properly secure a plant and raise your cybersecurity level so that your plant is protected against new security threats.’
Why are you in favour of this ISA/IEC 62443 standard?
‘It gives a lot of clarity that our profession has a solid standard, because that's how we all speak the same language. That is better for everyone. With the big advantage that you, as a client, are offered the best possible solution. This is reflected, for example, in the Yokogawa Cybersecurity Risk Assessment that the cybersecurity team co-developed partly based on the ISA standard. We can carry out such an assessment much more efficiently for a client, after which a plant- or security manager, receives practical recommendations in a report about how your plant should ideally look and, of course, how you can keep your security up to date'.
The International Society of Automation, is a leading global non-profit organization. The ISA sets standards for automation by helping 30,000 members solve complex technical problems and improve their leadership and career opportunities. Based in the United States, ISA develops standards, certifies industry professionals, provides education and training, publishes books and technical articles for automation professionals.