Full Report
The International Society of Automation (ISA) announced Perseus Information Security Consulting has received full accreditation from the A2LA... The post ISASecure expands certification ecosystem with accreditation of Perseus Information Security Consulting appeared first on Industrial Cyber.
Analysis Summary
# Industry News: ISASecure Expands Certification Ecosystem with Perseus Accreditation
## Summary
The International Society of Automation (ISA) has announced that Perseus Information Security Consulting is now a fully accredited Certification Body (CB) for the ISASecure program. Notably, Perseus becomes the first organization worldwide accredited to award the new Automation and Control System Security Assurance (ACSSA) certification, specifically designed for asset owners.
## Key Details
- **Date:** June 12, 2026
- **Companies Involved:** International Society of Automation (ISA), ISASecure, Perseus Information Security Consulting, A2LA (Accreditation Body).
- **Category:** Accreditation / Partnership Expansion
## The Story
Perseus Information Security Consulting has received ISO/IEC 17065 accreditation from A2LA to serve as a certification body for the ISASecure program. This program validates conformance to the ISA/IEC 62443 series, the global gold standard for Industrial Automation and Control Systems (IACS) cybersecurity.
While Perseus is authorized to provide standard certifications—including Component Security Assurance (CSA) and IIoT Component Security Assurance (ICSA)—the major development is their role as the first-ever CB for the **ACSSA program**. Unlike previous certifications that focused heavily on original equipment manufacturers (OEMs), ACSSA focuses on **Asset Owners**, ensuring their specific operational environments meet the rigorous requirements of ISA/IEC 62443-2-1, 2-4, 3-2, and 3-3. Perseus will operate these services out of its offices in the United States and Istanbul, Türkiye.
## Business Impact
### For the Companies Involved
* **Perseus:** Gains a significant "first-mover" advantage in the market for asset owner certification, positioning themselves as a premier global consultant for 62443 compliance.
* **ISASecure:** Expands its geographical footprint (specifically into the Eurasian market through Türkiye) and validates its new ACSSA scheme through a qualified partner.
### For Competitors
* Existing ISASecure certification bodies (in the U.S., Japan, Germany, etc.) now face a new competitor that uniquely holds the ACSSA accreditation, potentially forcing them to accelerate their own ACSSA evaluator training to remain competitive.
### For Customers
* **Asset Owners (Utilities, Energy, Manufacturing):** Now have a clear, accredited path to prove their internal security postures and system architectures are compliant with international standards, which is increasingly a requirement for insurance and regulatory mandates.
### For the Market
* The accreditation signals the maturation of the "Asset Owner" side of industrial security. It marks a shift from focusing solely on "secure products" to "secure operations and implementations."
## Technical Implications
The ACSSA certification specifically addresses critical technical components of the ISA/IEC 62443 standard:
* **62443-3-2:** Security risk assessment and system design.
* **62443-3-3:** System security requirements and security levels.
* **Evaluator Rigor:** Certification requires evaluators to pass the IC49 proctored exam, ensuring a high technical bar for the auditing process.
## Strategic Analysis
* **Market Positioning:** ISASecure is consolidating its position as the dominant certification ecosystem for OT (Operational Technology). By adding Perseus, they bridge the gap between North American and Middle Eastern/European industrial hubs.
* **Competitive Advantage:** Perseus’s dual-presence in the U.S. and Türkiye allows them to navigate different regulatory environments while offering a singular, internationally recognized certification.
* **Challenges:** The primary challenge will be the "evangelization" of the ACSSA certification—convincing asset owners that the cost of formal certification outweighs the benefits of informal self-assessment.
## Industry Reactions
* **Deniz Kaya (Perseus):** Emphasized that the ISA/IEC 62443 standards have become the "global benchmark" and that independent validation is now the necessary next step for asset owners.
* **Mark P. DeAngelo (ISASecure):** Noted that the addition of Perseus is a key step in the rapid global expansion of the certification ecosystem.
## Future Outlook
* **Standardization Trend:** Expect to see more regional consultancy firms seek ISASecure accreditation as global supply chains demand 62443 compliance from their partners.
* **What to Watch for:** Whether insurance providers begin offering lower premiums to asset owners who achieve the ACSSA certification, which would create a massive surge in demand.
## For Security Professionals
Practitioners should note that the "Security Development Lifecycle" is no longer just for software vendors. For those working for asset owners (e.g., in oil and gas or utilities), the availability of ACSSA means that internal cybersecurity programs can now be measured against a formal, third-party audited rubric. This provides CISOs in industrial sectors with a powerful tool for reporting maturity to the Board of Directors.