At Triple i, we see IEC 62443 for OT Cyber Security most often in the same conversations as SCADA and PLC upgrades, industrial network changes, vendor support models, and compliance-led risk reviews. The standard gives asset owners a structured way to protect industrial automation and control systems without losing sight of what matters on site: safety, availability, maintainability and continuous improvement.
We are a multi-disciplined industrial services company delivering engineering and technology, construction, service and support, product sales and integrated solutions across the asset lifecycle. That lifecycle capability matters in OT cyber security because “good” controls must be buildable, commissionable, and supportable long after the project team leaves site.
Why IEC 62443 Matters Right Now
OT environments have changed. Plants need more data visibility, more integration between systems, and more remote support across geographically distributed operations. At the same time, the threat landscape has not slowed down, and credential compromise plus unsafe remote access paths remain common causes of incidents.
IEC 62443 helps asset owners move from “secure the network” to a structured program that covers governance and technical controls. In recent updates, IEC 62443-2-1:2024 reinforces security program requirements for asset owners, and IEC PAS 62443-1-6:2025 adds guidance for applying the 62443 series to Industrial Internet of Things (IIoT) deployments.
Our view is practical: you do not need to do everything at once. You need a risk-based target state, and a staged plan you can deliver while keeping your site safe and productive.
Zones and Conduits, The Segmentation Model We Start With
When we apply IEC 62443, zones and conduits are the core design concept we use to make segmentation real and defensible.
- A zone is a group of systems with similar security needs, based on risk and consequence.
- A conduit is the managed communication path between zones, where you control and monitor what traffic is allowed.
This matters because many OT networks grew organically. Over time, extra connections get added “just to get it working”, until a site ends up with a flat network where a single compromise can spread quickly.
What a workable zone set looks like
We usually start with a simple, site-friendly zone model and expand only when risk demands it. A common baseline includes:
- Enterprise IT zone (business systems)
- OT DMZ zone (buffer layer for data exchange and remote access)
- Operations zone (historians, OT services, engineering workstations)
- Control zone (PLCs, DCS controllers, SCADA servers)
- Safety zone (safety instrumented systems where applicable)
Then we define conduits so each pathway is intentional, controlled, and supportable.
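To show how a zone and conduit model becomes something you can check, here is an added example (not Triple i tooling or code from the standard) that audits observed network flows against the baseline zones above. The subnets, the conduit policy and the sample flows are assumptions constructed for illustration.

```python
import ipaddress

# Zone names follow the baseline above; the subnets are constructed sample values.
ZONES = {name: ipaddress.ip_network(cidr) for name, cidr in {
    "enterprise_it": "10.10.0.0/16",
    "ot_dmz": "10.20.0.0/24",
    "operations": "10.30.0.0/24",
    "control": "10.40.0.0/24",
    "safety": "10.50.0.0/24",
}.items()}

# Hypothetical conduits: (source zone, destination zone) -> allowed (protocol, port).
CONDUITS = {
    ("enterprise_it", "ot_dmz"): {("tcp", 443)},
    ("operations", "ot_dmz"): {("tcp", 443)},
    ("ot_dmz", "operations"): {("tcp", 3389)},
    ("operations", "control"): {("tcp", 4840)},
}

def zone_of(ip):
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in ZONES.items() if addr in net), None)

def audit(flows):
    # Return (flow, src_zone, dst_zone, reason) for each flow that breaks the model.
    findings = []
    for src, dst, proto, port in flows:
        sz, dz = zone_of(src), zone_of(dst)
        if sz is None or dz is None:
            reason = "unknown_zone"          # endpoint not assigned to any zone
        elif sz == dz:
            continue                         # intra-zone traffic crosses no conduit
        elif (sz, dz) not in CONDUITS:
            reason = "no_conduit"            # zones talk without a defined pathway
        elif (proto, port) not in CONDUITS[(sz, dz)]:
            reason = "service_not_allowed"   # conduit exists, service is not on it
        else:
            continue
        findings.append(((src, dst, proto, port), sz, dz, reason))
    return findings

# Constructed sample flows: (source IP, destination IP, protocol, destination port).
SAMPLE_FLOWS = [
    ("10.10.5.20", "10.40.0.15", "tcp", 502),   # enterprise IT straight to a PLC
    ("10.30.0.8", "10.40.0.15", "tcp", 4840),   # operations to control on the conduit
    ("10.30.0.8", "10.40.0.15", "tcp", 502),    # same zones, service not on the conduit
    ("10.40.0.15", "10.40.0.16", "tcp", 502),   # inside the control zone
    ("192.168.1.5", "10.50.0.3", "tcp", 22),    # unassigned source reaching safety
]
```

Calling `audit(SAMPLE_FLOWS)` returns three findings; a zone pair missing from `CONDUITS`, such as anything into the safety zone, is reported as `no_conduit` by default.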
This is also where good engineering makes the difference. Our engineering and technology team delivers control, automation and data integration services, so segmentation can be designed alongside control system upgrades rather than added late.
If segmentation is on your upgrade list, talk to us about fit-for-purpose controls and network design.
What “Good” Looks Like For OT Access Control
In our experience, access control is where OT programs either build confidence or create frustration. “Good” is not about adding barriers everywhere. It is about improving accountability and reducing avoidable risk without slowing maintenance.
A practical OT access control baseline typically includes:
- Unique user accounts where feasible (minimise shared logins)
- Role-based access and least privilege (operators, maintainers, engineers, vendors)
- Stronger authentication for privileged access, especially remote access
- Clear change accountability, including who changed logic, setpoints, recipes, or configurations
- Logging and review for privileged access and key system events
- Joiners, movers, leavers discipline, so access is removed promptly when roles change
Because we work across engineering and lifecycle support, we focus on controls your team can sustain, including how access reviews fit into shutdown planning and continuous improvement.
Vendor Remote Access, What We Aim For
Vendor remote access is often necessary for specialist support, but it should not become an unmanaged tunnel into your control network.
When we design or uplift vendor remote access, we aim for a target state that includes:
- Access via an OT DMZ, not direct-to-control connections
- Time-bound access, enabled only when needed
- Approval workflow, owned by site, not vendors
- Multi-factor authentication (MFA) for remote sessions
- Session logging (and recording where appropriate)
- Controlled file transfer, with clear pathways and scanning processes suited to OT constraints
This aligns with broader OT guidance, including NIST SP 800-82, which emphasises OT-specific security measures while accounting for safety and availability requirements.
How We Scope an IEC 62443 Uplift Roadmap
A roadmap needs to respect reality: legacy systems, limited outage windows, and the operational cost of change. Here is how we scope it at a high level.
1) Confirm scope, consequence and constraints
We start by mapping what matters most:
- safety and environmental consequence
- production critical processes
- current support model (including vendor dependencies)
- outage windows and project timing
2) Map current zones and conduits
We document the “as-is” structure:
- key assets and communications
- current remote access paths
- where trust is implicit (flat segments, shared credentials, unmanaged connections)
3) Define a target state you can sustain
IEC 62443 is risk-based. The goal is not maximum security everywhere. It is an appropriate target per zone and conduit, supported by operational practices.
4) Prioritise actions into phases
We usually separate work into:
Quick wins (low disruption)
- harden remote access and vendor access rules
- tighten privileged access and logging
- clean up shared accounts and stale access
Planned work (shutdown or project windows)
- implement deeper segmentation changes
- upgrade legacy platforms that cannot support required controls
- redesign network architecture for long-term maintainability
5) Embed continuous improvement
The uplift only holds if it becomes part of your operating rhythm:
- onboarding and offboarding
- OT change management
- incident readiness that respects safety and uptime
We support this across the lifecycle through integrated delivery and ongoing service support. Explore our Integrated Solutions and Service and Support.
Practical takeaway we use to get momentum
If you want a starting point that creates progress fast, we recommend:
- Define a small set of zones (keep it understandable)
- Treat conduits as enforceable pathways with monitoring
- Fix vendor remote access first if it is unmanaged
- Strengthen privileged access and visibility
- Build a phased roadmap tied to shutdowns and projects
Build IEC 62443 Into How The Plant Runs
IEC 62443 for OT Cyber Security works best when it is not treated as a one-off compliance exercise. We use it to design practical segmentation with zones and conduits, lift access control in a maintainable way, and make vendor remote access safer without slowing support. Delivered as a staged roadmap, it becomes a continuous improvement program that strengthens operational integrity over time.
If you want an IEC 62443-aligned uplift roadmap tailored to your site, contact our team today.

