CISA, the FBI, the National Security Agency, and the U.S. Department of the Treasury have released guidance on improving the security of open source software (OSS) in operational technology (OT) and industrial control systems (ICS).
Alongside the guidance, CISA published the Securing OSS in OT web page, which details the Joint Cyber Defense Collaborative (JCDC) OSS planning initiative, a priority within the JCDC 2023 Planning Agenda. The initiative will support collaboration between the public and private sectors—including the OSS community—to better understand and secure OSS use in OT/ICS, which will strengthen defense against OT/ICS cyber threats.
CISA encourages OT/ICS organizations to review this guidance and implement its recommendations. Read more at CISA.