PUBLISHED DATE: 30 September 2025
This guidance is aimed at cyber security professionals working in organisations that deploy or operate OT across greenfield and brownfield deployments.
OT systems are a prime target due to their criticality in providing services and the potential impact if these systems are disrupted. As the number and capability of threat actors targeting OT increases, so too does the need for robust cyber security controls. To design appropriate and effective controls, a holistic system understanding is required.
This guidance, which builds on the recently released OT guidance, aims to draw further attention to the importance of cyber security in OT. The principles noted in the guidance are intended as goals rather than minimum requirements. Cyber security professionals should use these principles as a framework to develop a comprehensive record of their systems.
The NCSC and international partners understand the value in establishing a definitive record of your organisation's OT. This definitive record will allow you to effectively assess risks and implement the proportionate security controls.
Read the full guidance here External Link .
If you have any questions about this guidance, contact info@ncsc.govt.nz