In the context of the digital era, the ISA/IEC 62443 standards play a pivotal role in safeguarding the cybersecurity of critical infrastructures such as rail transport, electricity, oil industry, semiconductors, and healthcare. With the introduction of new European regulations, such as the Radio Equipment Directive and the Cybersecurity Resilience Act, the importance of enhancing product cybersecurity measures is increasingly emphasized. This presentation will focus on establishing secure product development processes using the ISA/IEC 62443-4-1 standard and address common misconceptions when implementing product security functions as per ISA/IEC 62443-4-2. Through the analysis of real-world case studies, we will explore common misunderstandings and best practices in security design, including continuous threat modeling, security testing, and lifecycle integration. This session aims to empower product manufacturers to more effectively implement these standards, thereby improving product security performance.