Source: US Department of Homeland Security
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), Environmental Protection Agency (EPA), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (Cyber Centre), Germany’s Federal Office for Information Security (BSI), Netherlands’ National Cyber Security Centre (NCSC-NL), and New Zealand’s National Cyber Security Centre (NCSC-NZ), released new guidance to help operational technology (OT) owners and operators across all critical infrastructure sectors create and maintain comprehensive OT asset inventories and taxonomies. OT systems are vital to the core functionality of the nation’s critical infrastructure to safely and reliably operate by powering process automation, instrumentation, cyber-physical operations, and industrial control systems.
“OT systems are essential to the daily lives of all Americans and to national security,” said Madhu Gottumukkala, Acting CISA Director. “They power everything from water systems and energy grids to manufacturing and transportation networks. As cyber threats continue to evolve, CISA through this guidance provides deeper visibility into OT assets as a critical first step in reducing risk and ensuring operational resilience.”
“Operational technology is foundational to the operations of the nation’s critical infrastructure,” said Chris Butera, Acting Executive Assistant Director for Cybersecurity at CISA. “Securing operational technology and industrial control systems has been a priority for CISA for many years and remains a priority into the future. The joint asset inventory guide we published with our U.S. and international government partners is a valuable resource that helps organizations effectively identify and secure their most vital assets, reduce the risk of cybersecurity incidents, and ensure the continuity of their mission and services.”
All organizations are encouraged to review the guidance to understand how to build and maintain OT asset inventories and implement the recommended actions. These practices align with the Cross-Sector Cybersecurity Performance Goals and can help organizations improve their cybersecurity posture and reduce the risk of compromise in operational environments.
The new guidance can be found here.
###
About CISA
As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.
Visit CISA.gov for more information and follow us on X, Facebook, LinkedIn, Instagram.