Source URL: https://www.cisa.gov/news-events/alerts/2024/10/01/asds-acsc-cisa-fbi-nsa-and-international-partners-release-guidance-principles-ot-cybersecurity
Source: Alerts
Title: ASD’s ACSC, CISA, FBI, NSA, and International Partners Release Guidance on Principles of OT Cybersecurity for Critical Infrastructure Organizations
Feedly Summary: Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)—in partnership with CISA, U.S. government and international partners—released the guide Principles of Operational Technology Cybersecurity. This guidance provides critical information on how to create and maintain a safe, secure operational technology (OT) environment.
The six principles outlined in this guide are intended to aid organizations in identifying how business decisions may adversely impact the cybersecurity of OT and the specific risks associated with those decisions. Filtering decisions that impact the security of OT will enhance the comprehensive decision-making that promotes security and business continuity.
CISA encourages critical infrastructure organizations review the best practices and implement recommended actions which can help ensure the proper cybersecurity controls are in place to reduce residual risk in OT decisions.
For more information on OT cybersecurity, review our Industrial Control Systems page and the Joint Cybersecurity Advisory Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems to help critical infrastructure organizations manage and enhance their OT cybersecurity.
AI Summary and Description: Yes
Summary: The release of the guide “Principles of Operational Technology Cybersecurity” by the Australian Signals Directorate’s ACSC in collaboration with CISA emphasizes critical measures for securing operational technology (OT) environments. It is particularly relevant for professionals in cybersecurity focused on industrial control systems and OT risk management.
Detailed Description: The guide aims to enhance cybersecurity practices within operational technology environments, which are crucial for maintaining the functionality and security of critical infrastructure. The following points summarize the major aspects:
– **Collaboration Across Agencies**: The initiative is a joint effort between the Australian Signals Directorate’s ACSC and CISA, along with international partners, reflecting a global approach to OT cybersecurity.
– **Principles of OT Cybersecurity**: The guide outlines six principles designed to assist organizations in understanding the impact of business decisions on OT cybersecurity. This understanding can help mitigate specific risks associated with these decisions.
– **Risk Management**: By filtering decisions that could affect OT security, organizations can make informed choices that not only bolster security but also ensure business continuity.
– **Best Practices and Actions**: CISA encourages organizations managing critical infrastructure to adopt the best practices highlighted in the guide. Adhering to these recommended actions can significantly improve the cybersecurity controls within OT environments and minimize residual risks associated with operational decision-making.
– **Resources for Further Information**: The advisory suggests further resources such as the Industrial Control Systems page and Joint Cybersecurity Advisory Immediate Actions to help organizations effectively manage their OT cybersecurity landscape.
In summary, this guide provides critical insights for security professionals, especially those in sectors reliant on operational technology, highlighting the importance of integrating cybersecurity considerations into business decisions. The proactive measures and partnerships conveyed through this initiative can bolster overall cybersecurity resilience in critical infrastructure.