Industrial control systems
Useful Resources
- A fact sheet produced by CISA in response to the recent rise of ransomware attacks targeting operational technology (OT) assets and control systems. The guidance provides advice to critical infrastructure owners and operators about how to prepare for, mitigate against, and respond to ransomware attacks. It also explains how to reduce the risk of severe business degradation if affected by ransomware (June 2021).
- Developing an Operational Technology and Information Technology Incident Response Plan, a guide produced by the Canadian Government (December 2020).
- A Critical National Infrastructure (CNI)-specific look at the NCSC-UK's guidance on remote access architecture design (November 2020).
- Advisory issued by NSA and CISA recommending immediate actions to reduce exposure across operational technologies and control systems (July 2020).
- Voluntary Cyber Security Standards for Control Systems Operators (VCSS-CSO) developed by the NCSC in partnership with the New Zealand Control Systems Security Information Exchange (CSSIE).
- The Australian Cyber Security Centre's (ACSC) advice for critical infrastructure providers who are deploying business continuity plans for operational technology environments (OTE)/industrial control systems (ICS) during the COVID-19 pandemic.
- The ACSC's advice on protecting industrial control systems.
- Recommended practices for industrial control systems, produced by the USA's Cybersecurity and Infrastructure Security Agency (CISA).
- Industrial control systems advisories and alerts produced by CISA.
- Infographic produced by CISA detailing recommended cyber security practices for industrial control systems.
- Worked examples for operational technology and virtualised systems using the UK NCSC’s secure design principles.
Refer to Incidents to report ICS security issues to the NCSC.