
CISA urges administrators to secure critical infrastructure

Rising attacks on operational technology environments have prompted the agency to recommend strategies for effective protection


In the rapidly evolving digital landscape, the protection of critical infrastructure has become a paramount concern. A recent surge in attacks targeting Operational Technology (OT) systems, which often reside in critical infrastructure, has prompted a collaborative effort among several cybersecurity agencies worldwide.

The Cybersecurity and Infrastructure Security Agency (CISA) has taken the lead in publishing new foundational guidance for OT cybersecurity. This guidance, published on Wednesday, starts with the basics: Assume nothing, and start entirely fresh with a new taxonomy-based OT asset inventory.

The recommended approach involves a systematic process to build and maintain a comprehensive, structured inventory supplemented by a taxonomy that categorizes OT assets by function and criticality. Together, the asset inventory and taxonomy help organizations prioritize cybersecurity defenses, manage vulnerabilities, and safeguard critical infrastructure operations effectively.

Key steps in this process include defining the scope and objectives, identifying assets, collecting asset attributes, developing an OT taxonomy, and managing and maintaining data. The taxonomic structure, designed to organize and prioritize OT assets, aids in risk identification, vulnerability management, and incident response.

CISA's guide includes a full breakdown of these steps, along with suggestions for asset fields such as hostnames, IPs, storage locations of baseline OS images, and supported communication protocols. The guide also provides examples from various industries like oil and gas, energy, and water to help explain the taxonomic structure.
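The following sketch is an added example, not code from CISA's guide or from this article. It checks inventory records for the attribute fields mentioned above and groups assets by criticality and function. The field key names, the three-level criticality scale, the function labels and all sample records are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Fields named in the article (key names assumed) and an assumed criticality scale.
REQUIRED_FIELDS = ("hostname", "ip", "baseline_image_location", "protocols")
CRITICALITY_ORDER = ("high", "medium", "low")  # most critical first

# Constructed sample records; every hostname, address and path is made up.
SAMPLE_INVENTORY = [
    {"hostname": "plc-pump-01", "ip": "10.20.1.11", "function": "control", "criticality": "high",
     "protocols": ["modbus-tcp"], "baseline_image_location": "vault/plc-pump-01.img"},
    {"hostname": "hmi-ops-02", "ip": "10.20.2.300", "function": "supervision", "criticality": "medium",
     "protocols": ["opc-ua"], "baseline_image_location": ""},
    {"hostname": "hist-01", "ip": "10.20.3.5", "function": "historian", "criticality": "low",
     "protocols": [], "baseline_image_location": "vault/hist-01.img"},
    {"hostname": "plc-pump-01", "ip": "10.20.1.12", "function": "control", "criticality": "urgent",
     "protocols": ["modbus-tcp"], "baseline_image_location": "vault/plc-pump-01b.img"},
]

def audit_asset(asset, seen_hostnames):
    """Return the data-quality problems found in one inventory record."""
    problems = [f"missing {f}" for f in REQUIRED_FIELDS if not asset.get(f)]
    if asset.get("ip"):
        try:
            ipaddress.ip_address(asset["ip"])
        except ValueError:
            problems.append("invalid ip")
    if asset.get("criticality") not in CRITICALITY_ORDER:
        problems.append("unknown criticality")
    if asset.get("hostname") in seen_hostnames:
        problems.append("duplicate hostname")
    return problems

def build_taxonomy(inventory):
    """Group hostnames by (criticality, function); collect problems by index."""
    taxonomy, findings, seen = defaultdict(list), {}, set()
    for index, asset in enumerate(inventory):
        problems = audit_asset(asset, seen)
        seen.add(asset.get("hostname"))
        if problems:
            findings[index] = problems
        if "unknown criticality" not in problems:
            key = (asset["criticality"], asset.get("function", "unclassified"))
            taxonomy[key].append(asset.get("hostname"))
    return dict(taxonomy), findings

def review_order(taxonomy):
    """Taxonomy groups sorted most critical first, then by function name."""
    return sorted(taxonomy, key=lambda k: (CRITICALITY_ORDER.index(k[0]), k[1]))
```

Records with an unrecognized criticality are reported in the findings and kept out of the taxonomy until someone classifies them, so an incomplete entry cannot silently drop to the bottom of the review queue.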

The US Environmental Protection Agency, National Security Agency, FBI, and cybersecurity agencies from Australia, Canada, Germany, The Netherlands, and New Zealand joined CISA in creating this new OT cybersecurity guidance. The aim is to reduce the risk of cybersecurity incidents and ensure the continuity of mission and services.

Acting CISA Director Madhu Gottumukkala stated, "OT systems are essential to the daily lives of all Americans and to national security." Chris Butera, CISA's Acting Executive Assistant Director for Cybersecurity, called the joint asset inventory guide a valuable resource for identifying and securing vital assets.

The importance of this guidance is underscored by the increasing number of OT attacks. In 2024, researchers discovered two malware variants designed to target OT, a rarity in the industry. The security firm Dragos noted an 87 percent year-over-year increase in cyberattacks targeting industrial companies in the US in 2024.

OT systems, while more frequently connected in the modern era, often remain an afterthought for many security teams. By following the guidance provided by CISA, OT owners and operators can gain clearer insight into their operational environments, enabling them to design and sustain a modern defensible architecture that better protects critical infrastructure from cyber threats and ensures service continuity.

  1. To enhance the protection of critical infrastructure in the rapidly evolving digital landscape, the Cybersecurity and Infrastructure Security Agency (CISA) has published new foundational guidance for Operational Technology (OT) cybersecurity.
  2. The collaborative effort among several cybersecurity agencies worldwide includes CISA, the US Environmental Protection Agency, the National Security Agency, the FBI, and cybersecurity agencies from Australia, Canada, Germany, The Netherlands, and New Zealand.
  3. The new guidance recommends a systematic process to build and maintain a comprehensive, structured OT asset inventory supplemented by a taxonomy that categorizes OT assets by function and criticality.
  4. Key steps in this process include defining the scope and objectives, identifying assets, collecting asset attributes, developing an OT taxonomy, and managing and maintaining data to safeguard critical infrastructure operations effectively.
  5. The rising number of OT attacks, such as the discovery of two malware variants in 2024, underscores the importance of this guidance for OT owners and operators to design and sustain a modern defensible architecture that better protects critical infrastructure from cyber threats and ensures service continuity.
