- By Renee Bassett
- September 02, 2025
- Opinion
Summary
ISA hosted its third-annual OT Cybersecurity Summit in Brussels, Belgium, on 18-21 June 2025, and what a great event it was!
The International Society of Automation (ISA) hosted its third-annual OT Cybersecurity Summit in Brussels, Belgium, on 18-21 June 2025, and what a great event it was!
Attendees had many good things to say about what has quickly become the industry’s leading event for industrial cybersecurity and technical content surrounding the ISA/IEC 62443 series of standards.
“ISA events offer a unique blend between global cybersecurity professionals and newcomers,” said Nasser Al Alawi from Oman, “and they are all talking the same language about automation and cybersecurity. You can take away immediate actionable insights from expertise and peers facing the same challenges as you are.”
Available exclusively at the ISA OT Cybersecurity Summit for the second time, a virtual escape room experience targeted the training needs of OT cybersecurity and automation engineers. This experience, programmed by the advanced visualizations team at Visco, was a walkthrough of a ransomware attack on an offshore oil and gas production unit. Many attendees cited the escape room experience as one of the highlights of the event. (Users who go to the ISA Automation Summit & Expo this October in Orlando can visit the Igloo Vision booth in the exhibit hall to enjoy the same full-immersion experience.)
The OT Cybersecurity Summit featured two content tracks—threat intelligence and securing the supply chain—with 40 speakers across 35 sessions. Two hundred and fifty attendees and 21 sponsors enjoyed lively discussions, technical demonstrations and so much more.
“At ISA, everyone is open-minded,” said SZ Lin from Taiwan. “We can stick together and discuss the standards, and how to make the world better. And more than that, we have similar perspectives and a fantastic culture. We know about cybersecurity and we know about automation, but the key factor is the people and relationships.”
Keynote sessions kicked off each day. Bola Adesina, director of AI governance and ethics, diversity and inclusion specialist at her own consulting company, discussed how to embrace artificial intelligence technologies while keeping cybersecurity in mind. “We aren’t protecting systems from systems,” Adesina said. “We’re protecting people from people.”
Keynote speaker John Fitzpatrick, founder of Lab539, discussed resilience in OT cybersecurity. ISA President Scott Reynolds also gave a presentation on improving cybersecurity for a more resilient supply chain. His advice: “Just start somewhere. Do something. The easiest way is to start with a passive asset inventory. If you start with 90% of what you have now and you start securing it, that’s better than waiting two years to get the funding to do your 100%."
Highlights
The ISA Global Cybersecurity Alliance (ISAGCA) and ISASecure programs cosponsored this year’s OT Cybersecurity Summit to raise further awareness about their offerings for the operational technology cybersecurity community.
ISAGCA hosted a panel discussion on international regulatory issues and sought feedback from the end-user community in a special session. ISAGCA also shared two white papers focused on the intersection of IT and OT:
- Applying ISO/IEC 27001/2 and the ISA/IEC 62443 Series for Operational Tech Environments
- Understanding the ISA/IEC 62443 Series of Standards from an ISO/IEC 27001 and ISO/IEC 27002 Perspective.
ISASecure shared information about its forthcoming IACS Security Assurance (ACSSA) program to demonstrate operating site compliance with the international standard ISA/IEC 62443. The proposed ISASecure site assessment fills a gap in the OT cybersecurity landscape. It addresses the operating site itself and is the only standards-based program that does so. “We anticipate it will become the global standard used by operating sites, certification bodies, internal auditors and public policymakers,” said Liz Neiman, managing director of strategic engagement for ISA.
Incident Command System for Industrial Control Systems (ICS4ICS) is an ISA program that is designed to improve cybersecurity incident response efforts. ICS4ICS has hosted workshops all over the world to share its training exercises, and provided a workshop on emergency cyber response at the summit. ISA also offered its two most popular training courses as add-ons for those interested in deepening their knowledge of the ISA/IEC 62443 series of standards:
- Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32)
- Assessing the Cybersecurity of New and Existing IACS Systems (IC33).
2026 OT Cybersecurity Summit Planned for Prague
The OT Cybersecurity Summit goes to Prague, Czech Republic, in 2026. Save the date for 16-18 June and check back at otcs.isa.org for details coming soon. As attendee RenĂ© Matthiassen from Denmark said, “This is definitely the event you want to attend on a yearly basis. It is an opportunity to network and hear what’s going on in the industry, speak to a lot of interesting people and see new technologies."
This column originally appeared in the August/September issue of Automation.com Monthly.
About The Author
Renee Bassett is chief editor for Automation.com Monthly digital magazine and other International Society of Automation publications, including Automation.com. Bassett is an experienced writer, editor and project manager for industrial automation, engineering, information technology and infrastructure publications. She has a bachelor's degree in journalism from Indiana University, Bloomington, and is based in Nashville.
Did you enjoy this great article?
Check out our free e-newsletters to read more great articles..
Subscribe