OT Asset Management – An OT Asset is Much More than Just One Device

The importance of asset management cannot be overstated. Asset Management is the first consideration in WaterISAC’s 15 Cybersecurity Fundamentals (Perform Asset Inventories), the CIS Controls (Inventory and Control of Hardware Assets), and countless other standard practice cybersecurity documents and advice. Furthermore, Identify is the first of five core functions of the NIST Cybersecurity Framework, and the first category discussed within that function is Asset Management. A comprehensive asset management program is the foundation of a sustainable cybersecurity strategy, including OT cybersecurity. Industrial cybersecurity firm The Langner Group posted A Comprehensive Guide to OT/ICS Asset Management. The post highlights key differences between IT and OT asset management, importance of one authoritative inventory, active versus passive asset discovery, and significance of context through metadata. There is also a review of use cases and workflows, and an OT application to the NIST Cybersecurity Framework. Read the post at Langner