NSA Offers Best Practices for OSS in Operational Technology
Implementation and patching of open source software (OSS) in operational technology (OT) environments “continues to be a challenge due to safety concerns and the potential disruption of critical systems,” according to the NSA.
To promote better understanding and highlight best practices, the NSA, along with CISA and other agencies, has released new guidance for securing these systems.
The fact sheet recommends “supporting OSS development and maintenance, patch management, authorization and authentication policies, and establishing common frameworks.” The guidance “also encourages the adoption of “secure-by-design” and “secure-by-default” principles to decrease cybersecurity risk in OT environments.”
10/30/2023