(TLP:CLEAR) CISA and Partners Release Secure Connectivity Principles for Operational Technology
Created: Thursday, January 15, 2026 - 14:24
Categories: Cybersecurity, Federal & State Resources, OT-ICS Security
Summary: CISA and the UK National Cyber Security Centre (NCSC-UK), in collaboration with federal and international partners, have released “Secure Connectivity Principles for Operational Technology (OT)” guidance to help asset owners address increasing business and regulatory pressures for connectivity into OT networks. The guidance outlines eight principles to use as a framework to design, secure, and manage connectivity into OT environments. These principles are particularly critical for operators of essential services.
Analyst Note: Exposed and insecure OT connectivity is known to be targeted by both opportunistic and highly capable actors, including state-sponsored actors actively targeting critical infrastructure networks. These secure connectivity principles can help challenge attackers’ efforts and raise the threshold necessary to cause disruption. WaterISAC encourages members to meticulously review the principles included in the guidance, which outlines the desirable end-states that organizations should look to achieve when designing connectivity into OT environments. They are intended as goals rather than minimum requirements. These eight principles can be used as further guidance in members’ efforts to implement WaterISAC’s 12 Cybersecurity Fundamentals for Water and Wastewater Utilities.
The eight principles are listed below for member convenience, access the full report for guidance into each principle.
- Principle 1: Balance the risks and opportunities
- Principle 2: Limit the exposure of your connectivity
- Principle 3: Centralise and stardadise network connections
- Principle 4: Use standardized and secure protocols
- Principle 5: Harden your OT boundary
- Principle 6: Limit the impact of compromise
- Principle 7: Ensure all connectivity is logged and monitored
- Principle 8: Establish an isolation plan
Original Source: https://www.ncsc.gov.uk/collection/operational-technology/secure-connectivity
Related WaterISAC PIRs: 6, 7, 8, 12