IEC 62443 (OT cybersecurity)

IEC 62443 is the suite of international standards dedicated to the cybersecurity of industrial systems (OT, Operational Technology). It defines four security levels (SL1 to SL4) and structures requirements for operators, integrators and component vendors. We systematically apply it to new pharma and industrial projects: network segmentation (zones and conduits), hardening of controllers and HMIs, remote access management, logging, patch management, incident response plan. In 2026, ignoring IEC 62443 on a new pharma project has become indefensible: Swissmedic, FDA and cyber insurers rely on this reference to assess OT maturity. Missing or poorly designed segmentation at commissioning is almost impossible to correct after go-live without a production shutdown.