Question

  • Creator
    Topic
  • #4224120

    Cybersecurity in OT

    by bunny198 ·

    Tags: 

    Hello world!

    For my studies, I have to work on cybersecurity in the OT (Operational Technology) world, more particularly, the qualification of OT materials on the cybersecurity side.

    I have already found documentation such as NIST SP 800-82 or IEC 62443.

    But my question is, are there other documentations like these? I have not found many documents really focused on cybersecurity in OT. Also, is there a “checklist” for the qualification of an OT product, detailing all the things that need to be checked for cybersecurity qualification?

    I am aware that some of you probably think that I can easily find my answer alone, but I have tried for two weeks.

    Thanks you <3

You are posting a reply to: Cybersecurity in OT

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our Community FAQs for details. All submitted content is subject to our Terms of Use.

All Answers

  • Author
    Replies
    • #4224181
      Avatar photo

      There’s so much online.

      by rproffitt ·

      In reply to Cybersecurity in OT

      That I find it hard to believe you couldn’t find answers. In fact you found NIST and IEC but here’s the awful truth. The trouble with standards and “qualifications” is that you will find many standards and to qualifications, YOU have to decide which authority you want to abide by.

      • #4225027

        Reply To: Cybersecurity in OT

        by bunny198 ·

        In reply to There’s so much online.

        In fact, for the moment i’m trying yo get a global overview of what is existing in the OT cybersecurity world. Find a lot of reglementations or policies, and after that, i’ll try to mix them all to have a list of all the best practices to qualify OT materials

    • #4229440

      Cybersecurity in OT

      by cassharper030 ·

      In reply to Cybersecurity in OT

      I hear you, and two weeks of searching can definitely be frustrating. There are definitely more resources out there for OT cybersecurity qualification! In addition to the ones you found, check out these resources:

      ISA/IEC 62443: This series of standards dives deep into specific aspects of OT cybersecurity, like system security requirements and vulnerability assessments.
      NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection): These standards, though specific to the power grid industry in North America, offer valuable security best practices for OT generally.
      While a one-size-fits-all checklist might not exist, consider these frameworks for building your own:

      The National Institute of Standards and Technology (NIST) Cybersecurity Framework: This provides a flexible approach to identifying, protecting, detecting, responding to, and recovering from cyberattacks. You can tailor it to OT needs.
      Remember, OT security qualifications often involve a risk-based approach. Focus on critical systems and their vulnerabilities.

Viewing 1 reply thread