From cybersecurity strategy to technical projects, many companies struggle with how to put theory into practice for industrial control systems (ICS). Although it is difficult to completely cover the full range of the IEC 62443 standards and the related literature, this paper summarizes the key points for the IEC 62443 standards and provides some practical recommendations for Cyber Security Management System (CSMS) development. This paper will also consider the importance of product and company certifications to support asset owners in their journey towards IEC 62443 compliance.