A new guide, Principles of Operational Technology Cybersecurity, has been released by the Australian Cyber Security Centre (ACSC) in collaboration with CISA and international partners.
The guide provides crucial information for organizations aiming to secure their operational technology (OT) environments, particularly those in critical infrastructure (CI) sectors.
It outlines the following fundamental principles designed to help companies manage risks and protect against cyber-threats in their OT systems:
- Safety: Prioritize safety to prevent life-threatening risks in OT systems
- Business knowledge: Understand critical systems and processes to secure them
- Data protection: Safeguard valuable OT data, especially engineering configuration data
- Network segmentation: Isolate OT networks from IT and external connections
- Supply chain security: Ensure suppliers and vendors meet security standards
- Skilled personnel: Train staff to monitor, identify and respond to OT cyber incidents
Safety in OT Environments
The first principle highlights the paramount importance of safety in OT environments. Unlike traditional corporate IT systems, OT deals directly with physical processes that, if compromised, can threaten human life. For example, failures in energy or water systems could have severe consequences for public safety and services.
Business Knowledge and Cybersecurity
The second principle emphasizes the need for in-depth business knowledge. Organizations should build a deep understanding of their OT systems and processes to better defend against cyber incidents. Key practices include identifying vital systems, understanding how each process operates and ensuring these are defended from both internal and external threats.
Protecting OT Data
Another essential principle included in the guide is the protection of OT data. This data, especially engineering configuration data such as network diagrams and process sequences, can be valuable to attackers. Since OT environments often remain unchanged for decades, securing this information is vital to prevent targeted cyber-attacks.
Network Segmentation For OT Security
Further, the guide stresses the importance of segmenting OT networks from other networks. Separating OT from corporate IT and external networks reduces the risk of compromise through internet-facing services or vendor connections. This measure is critical in preventing attacks that could bypass traditional security controls.
Securing OT Supply Chains
Securing the supply chain is also vital to OT cybersecurity. As vendors and service providers gain increased access to OT systems, organizations must implement rigorous assessments to ensure these external partners adhere to strict security standards. Properly vetting suppliers and service providers is essential to maintaining OT security.
People as the Key to OT Cybersecurity
The final principle emphasizes the role of skilled personnel in OT cybersecurity. Well-trained staff are essential for monitoring, detecting and responding to incidents in OT environments. Building a strong security culture through training and awareness is crucial to ensuring OT systems’ long-term safety and resilience.