The U.S. Cybersecurity and Infrastructure Security Agency (CISA), working with the Federal Bureau of Investigation, the U.K.’s National Cyber Security Centre (NCSC), and other international partners, has released joint cybersecurity guidance for OT (operational technology) environments. The document provides a definitive OT record that helps organizations conduct more comprehensive risk assessments, prioritize critical and exposed systems, and implement stronger security controls.
It also covers managing third-party risks, protecting OT information, and designing effective architectural safeguards. The guidance emphasizes closer collaboration between OT and IT teams and alignment with international standards such as IEC 62443 and ISO/IEC 27001. Organizations are urged to adopt these practices to strengthen their OT security posture and reduce risks.
Titled, ‘Creating and Maintaining a Definitive View of Your Operational Technology (OT) Architecture,’ the document advises organizations that deploy or operate OT systems to build, maintain, and securely store a complete understanding of their environments. The guidance is structured around five core…
