Moxa Inc., a leader in industrial communications and networking, with a focus on securing industrial networks, is delighted to announce it has obtained the IEC 62443-4-1 certification pertaining to cybersecurity standards.
The certification testing and audit was performed by LCIE Bureau Veritas and issued by the IECEE certification body. Moxa has always been involved in the cybersecurity industry and was one of the first companies globally to become IEC 62443-4-1 certified by the world-leading conformity assessment and certification services provider.
The IEC 62443 standard Part 4-1 defines a secure development lifecycle for the purpose of developing and maintaining secure products used in industrial automation and control systems. The IEC 62443-4-1 certificate confirms that Moxa has implemented a secure by design methodology from the first day of the product development process, which includes complete security lifecycle management and patch management. This certificate also demonstrates Moxa’s capability to identify and respond to vulnerabilities and work with customers to mitigate their risks.
According to IDC’s latest worldwide IT and OT Convergence survey in 2020, the key motivations for IT/OT convergence are enhancing operational safety and performance, reducing costs, and improving quality. Another important observation from the report is that globally, 48.8% of IT and OT management owners consider security to be the top barrier to IT/OT convergence. This point highlights the importance OT enterprises place on security when embracing Industry 4.0 or the Industrial Internet of Things (IIoT) in order to significantly enhance operational efficiency and productivity.
“In response to our customer’s concerns, Moxa has been actively looking into the security requirements of IEC 62443 standards dating back to when they were still under development in 2016,” said Samuel Chiu, General Manager of Moxa Networking Co. Ltd. “By adhering to the strict verification process of IEC 62443 standards, Moxa not only provides industrial-grade solutions, but also ensures that security is part of the DNA of its reliable networking solutions throughout the product development process. We provide our customers with the assurance that they can connect their valuable assets with Moxa’s solutions and be confident that they can keep their operations running smoothly.”
Moxa has also been following the evolving cybersecurity best practices in order to ensure our solutions work harmoniously with the latest technological innovations of edge devices while mitigating the latest cyberthreats. One of the best practices is shared in Enhancing ICS Cybersecurity in the Software Development Lifecycle. This article, which features on the ISA Global Cybersecurity Alliance blog, was contributed to by SZ Lin, Assistant Project Manager at the Technology and Research Corporate Division of Moxa. Lin was the first person in Taiwan to be awarded the ISA/IEC 62443 Cybersecurity Expert Certificate. In addition to Lin, Felipe Sabino Costa, whose current roles include ISA cybersecurity instructor and Moxa LATAM Industrial Cybersecurity Expert, also pointed out some key criteria in his article Can a Solution Provider Handle Industrial Cybersecurity? 8 Questions to Ask. His article can also be found on the ISA Global Cybersecurity Alliance blog, and has helped guide business owners to develop mission-critical solutions that include cybersecurity by design.
Before obtaining the IEC 62443-4-1 certificate in May 2020, Moxa has been following the development of the standard for five years and has designed our products in accordance with its guidelines. In addition, Moxa has spent considerable resources on educating the market about not only the importance of the standard, but how we embed its principles throughout all stages of our hardware and software development. Only when cybersecurity awareness is increased can industrial network security be enhanced by joint forces. Bearing this in mind, Moxa will continue investing in cybersecurity and work closely with our customers to ensure that “secure by design” solutions can be implemented successfully.