【2026 ISA 重量級講者】ISA/IEC 62443 核心推手 Kevin Staggs,揭開工控資安標準的誕生秘辛!
如果您身處工控資安 (OT Cybersecurity) 領域,絕對不能不認識 ISA/IEC 62443 系列標準!
2026 年,ISA Taiwan Section 很榮幸邀請到擁有超過 45 年工業控制系統 (ICS) 經驗,更是 IEC/ISA 62443-4-2 標準首席編輯 (Lead Editor) 的權威專家 — Kevin P. Staggs 來到台灣參與 ISA Taiwan Section 在 7 月 16 舉辦的專業聚會!
Kevin 曾任知名大廠 Honeywell 資深院士 (Senior Fellow),在長達 44 年的職涯中,他從硬體設計一路晉升為系統架構與資安專家。早在 1994 年,他便開始協助企業將商用現成技術 (COTS) 安全地整合至工控環境,並著手為工業系統定義安全軟體開發生命週期 (SDLC)。
身為 ISA-99 委員會的資深委員與 ISA 安全合規機構 (ISCI) 的創始成員暨前技術總監,Kevin 完整參與了各項驗證計畫的建立,並成功將早期需求轉化為今日廣為全球採用的 ISA/IEC 62443-4-2 標準與 CSA 產品認證。
在本次 ISA Taiwan Section Q3 的聚會活動中,Kevin 將親自帶領我們:
✅ 深入探討 IEC 62443-3-3、4-1 與 4-2 國際標準的制定歷程與實務應用。
✅ 解析如何順利通過 ISCI 針對產品與開發流程的合規性評估。
✅ 獨家分享:如何在大型企業內部推動並深植強大的「工控資安文化」。
無論您是產品供應商、系統整合商還是資產擁有者,這都是一場能與 IEC 62443 標準奠基者直接對話的絕佳機會!
也請您立刻追蹤 ISA Taiwan Section 的 LinkedIn 專頁,掌握最新活動報名資訊!
[ISA Taiwan Section 2026 Q3 Meetup Keynote] Meet Kevin Staggs: The Core Architect Behind the IEC 62443 Standards!
About Kevin P. Staggs
Kevin Staggs has more than 45 years of experience in industrial control systems. He worked for over 44 years at one of the major control system companies, beginning his career as a technician and rising to Senior Fellow at the time of his retirement from that company.
During his career, he was a hardware design engineer, software engineer, systems engineer, system architect, and cyber security expert. He spent the last 25 years of his career improving the cyber security of products designed and manufactured within the company. While with the company, Kevin encouraged it to become a founding member of the ISA Security Compliance Institute (ISCI). He served on the board of directors of ISCI until his retirement, primarily as its Technical Director.
Kevin became a voting member of the ISA99 Committee in 2009. Kevin was instrumental in the creation of the first ISCI certification programs, beginning with the Embedded Device Security Assessment (EDSA), and in leading the development of the 62443-4-2 standard, using the EDSA requirements as input. Once the 62443-4-2 standard was released, he drove the transition from EDSA to the Component Security Assessment (CSA) program.
He currently serves as co-chair of two joint teams developing and updating the 62443 standards. He is also the lead editor of the IEC/ISA-62443-4-2 standard. Since his retirement from full-time work in 2021, Kevin has been an active consultant in the field of cyber security of control system products and deployment of those products. He was the author of two ISA-GCA whitepapers and a substantial contributor to the new ACSSA program being rolled out by the ISA Security Compliance Institute.
Presentation summary
Kevin Staggs began his cyber security. Journey when his employer, Honeywell, began definition of a new control system that would move from the proprietary system at the time to a more open system based on commercial off-the-shelf (COTS) technologies. Kevin was a system engineer at the time and was assigned to ensure that the new system would be secure. His focus at the time was on security requirements for the new system. Shortly after the announcement in 1994 that Honeywell would be moving their proprietary industrial control system to COTS several Honeywell customers asked to work with Honeywell to make sure this new system would integrate securely into their operational environments, and Kevin was assigned to work with those customers as well.
Determining the cyber security requirements was just the beginning. Over several years, Kevin worked with the organization to define software development processes and create a secure development lifecycle for Honeywell’s industrial systems division. Kevin will give an overview of the creation of that development process.
Kevin was assigned to be a spokesperson for Honeywell’s Industrial Control systems designed in cybersecurity after these processes were developed and implemented. Through this activity, Kevin was asked to become a member of the ISA-99 committee and became an advocate for the creation of the ISA Security Compliance Institute. Kevin will share his experiences with the creation of the 62443-3-3, 4-1, and 4-2 standards. He will also share his experiences with the creation of the ISCI conformity assessments for components, systems, and the development lifecycle while the technical director for ISCI.
Kevin spent the last 11 years of his career at Honeywell, driving cybersecurity across most of Honeywell’s product development organizations, and he will share an overview of how to create a cybersecurity-aware development culture across the company.
發表迴響