Critical infrastructure organizations have been urged to adhere to the six principles of operational technology environment security, including paramount safety, business knowledge, OT data value and protection, OT segmentation, secure supply chains, and the significance of personnel in OT cybersecurity under new joint guidelines by the U.S. and its allies, including Canada, Australia, Germany, Japan, and the UK, SecurityWeek reports.
Aside from ensuring OT system and process awareness, organizations should also strengthen cyber incident investigation and response efforts, bolster OT data protections, separate OT networks from IT networks, and include their vendors and managed service providers to their supply chain assurance programs, as well as employ individuals who would guarantee OT network defenses, according to the guidance. "A cyber-related incident cannot be prevented or identified in OT without people that possess the necessary tools and training creating defenses and looking for incidents. Once a cyber-related incident has been identified in OT, trained and competent people are required to respond," said the guidance.
