Six Principles of Operational Technology Cybersecurity Released
The National Security Agency (NSA), along with the Australian Signals Directorate’s Australian Cyber Security Centre, CISA, and other government organizations, have released six general Principles of Operational Technology Cyber Security.
The principles, which are aimed at securing operational technology (OT) environments in critical infrastructure, are as follows:
- 1. Safety is paramount.
- 2. Knowledge of the business is crucial.
- 3. OT data is extremely valuable and needs to be protected.
- 4. Segment and segregate OT from all other networks.
- 5. The supply chain must be secure.
- 6. People are essential for OT cybersecurity.
The document includes examples and explores implications related to each of these principles to help OT professionals effectively develop processes and prioritize actions.
For example, in regard to supply chain security, the guidelines note that:
Some control systems protocols communicate via multicast or broadcast messages, which are sent to all devices on the network. As such, almost any device on the network may be able to view critical control messages and could create and inject messages to cause an undesirable action, making the supply chain of all devices critical.
Read more at NSA.
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.