Operational technology (OT) has long been part of a technology environment that functions apart from most enterprise IT operations. That has led to communication challenges, misalignment with IT strategies and uncertainty on how to develop OT cybersecurity strategies.
To protect the enterprise as a whole, IT and OT must work together. However, implementing and adopting cybersecurity controls first requires building a solid technical foundation with executive endorsement, says a new Dragos guide.
The guide “5 Critical Controls for World-Class OT Cybersecurity” details why it’s essential to have leadership educated and aligned on the risks of OT security and the differences between IT and OT. “Help them understand that the organization has been focused on reducing IT cyber risk while under-serving OT – the side of the house that actually generates revenue – and that it’s now time to course correct,” the guide stresses.
The guide highlights five key controls to implement now to better secure OT environments, including:
- An ICS-specific incident response plan
- Defensible architecture
- OT visibility: asset inventory, vulnerability mapping and monitoring
- Multi-factor authentication
- Key vulnerability management
This article was produced by Scoop News Group for CyberScoop, and sponsored by, Dragos.