ICS/OT Cyber Resilience – Federal and International Partners Release Guidance on Principles of OT Cybersecurity for Critical Infrastructure Organizations

On Tuesday, CISA, the FBI, and the NSA joined eight international partners to publish a guide for critical infrastructure organizations called “Principles of Operational Technology Cyber Security”. The guidance is primarily for the water, energy, and transportation sectors and outlines six principles to be used in the creation of a safe and security-minded OT environment. They are intended to aid organizations in identifying how business decisions may adversely impact the cybersecurity of OT and the specific risks associated with those decisions. CISA encourages OT decision makers to apply these six principles when making impactful decisions that may affect the cybersecurity of the OT environment. It is further recommended that critical infrastructure organizations review the best practices and implement recommended actions which can help ensure the proper cybersecurity controls are in place to reduce residual risk in OT decisions.

On Tuesday, CISA, the FBI, and the NSA joined eight international partners to publish a guide for critical infrastructure organizations called “Principles of Operational Technology Cyber Security”. The guidance is primarily for the water, energy, and transportation sectors and outlines six principles to be used in the creation of a safe and security-minded OT environment. They are intended to aid organizations in identifying how business decisions may adversely impact the cybersecurity of OT and the specific risks associated with those decisions. CISA encourages OT decision makers to apply these six principles when making impactful decisions that may affect the cybersecurity of the OT environment. It is further recommended that critical infrastructure organizations review the best practices and implement recommended actions which can help ensure the proper cybersecurity controls are in place to reduce residual risk in OT decisions.