Table of Contents

• The OT Security Dozen

  • Phase 1 - Evaluate | Assess | Discover | Define (I …

  • Phase 2 - Implement | Deploy (Predict, Protect / P …

  • Phase 3 - Monitor, Measure & Maintain (Detect & Re …

• My Ask

  • About the Author:

The OT Security Dozen

In this newsletter edition, I am excited to be sharing some experience and insights on the 12 foundational steps for an “Operational Technology (OT) / Industrial Control Systems (ICS) Cyber security Program” – calling it, “The OT Security Dozen”. This will hopefully serve as guidance or building blocks to improve and operationalize cyber security practices for OT / ICS operations, especially for those industrial organizations worldwide (APAC manufacturing sector in particular) that are exploring ways to either start their journey and not sure where to begin and or in some cases trying to improve/mature their current initiatives. 

Phase 1 - Evaluate | Assess | Discover | Define (Identify)

1.      OT / ICS Cyber security Assessments / Reviews 

2.      OT / ICS Cyber security Policy & Governance

Phase 2 - Implement | Deploy (Predict, Protect / Prevent & Detect) 

3.    OT / ICS Network security Architecture & Segmentation (between IT & OT networks)

4.   OT / ICS Asset Discovery, Vulnerabilities & Threat Detection (or OT IDS / AD) Solution Selection & Implementation

5.      OT / ICS Secure Remote Access

6.      OT / ICS Access Control (IDAM)

7.    OT / ICS Endpoint Protections & Controls (AV, Host IDS/EDR, Data Protection, USB controls)

8.      OT / ICS Configuration Hygiene & Patch Management

Phase 3 - Monitor, Measure & Maintain (Detect & Respond)

9.       OT / ICS Supply Chain Security (risks related to SBOM, OEMs, third-party service providers)

10.   OT / ICS Cyber security Monitoring (via an Integrated SOC / MSS Operations) & Threat Intelligence

11.      OT / ICS Backups, Incident Response & BCP

12.      OT / ICS Audit, Security Testing & Continuous Measurement.

Obviously, this is not an exhaustive list of control initiatives around people, processes and technology for the world of OT / ICS – however, “The OT Security Dozen” will provide you with that very strong and solid foundation required for establishing and running a successful OT / ICS Cyber security Program; either as a standalone program, and or part of broader ISMS initiative as a subset. All with an OT Cybersecurity awareness wrapped around it.

Some of these 12 initiatives can be run in parallel and some may perhaps be better run sequentially, and prioritization of these initiatives may differ from one organization to another, based on several factors and the uniqueness of an organization's environment (e.g., network architecture, culture, people, processes, budget and skill sets etc.). Regardless of the prioritization sequence, successful execution of these initiatives will raise your maturity level against any given industry standards that’s preferred by the organization and or compliance against any applicable standards/regulations.

In this twelve-part series – the OT Dozen, following this post, I’ll deep dive into each of these initiatives along with potential mappings to some industry best practices and standards (e.g., IEC 62443, NIST CSF, and CSC Top 18 and others).

What’s your OT Security Dozen looks like and why? please share, comment, like, and provide feedback.

Follow me on LinkedIn and #securingthings and @securingthings to receive updates.

Checkout Part 1 – OT / ICS Cyber security Assessments / Reviews in next newsletter post.

Originally Published on LinkedIn in March 2022 → here.

Please feel free to register your interest by commenting below / DM me, and or dropping your name and email to [email protected] if you want to receive training/workshop, have project related inquiries, want to have professional discussion & or just for a friendly chat.

My Ask

I invite SecuringThings community to share their feedback.

Your feedback and input is invaluable to me as we work together to strengthen our cybersecurity defenses and create a safer and smarter digital society. Thank you for your trust and continued support.

Do register, validate your email, and request login link to submit poll to be able to enter a chance to win a future course giveaway.

Thanks for reading - until next edition!

It’s a Great Day to Start Securing Things for a Smart & Safer Society.

Take care and Best Regards,

M. Yousuf Faisal.

Follow Securing Things on LinkedIn | X/Twitter & YouTube.

It’s a great day to start “Securing Things” for a Smart & Safer Society. 

About the Author:

M. Yousuf Faisal (EMBA, GICSP, ISO 27001 LA, CISSP, CISM, CISA) has two decades of technology & IT/OT Cyber security-related industry experience, helping organizations secure their digital transformation journey. Have worked both as an end user and mostly as a consultant / advisor, serving multiple industrial sectors and enterprise organizations. Currently, Founder of an independent IT & OT cybersecurity advisory/consulting services and solutions business - providing services to clients globally (remotely & or with occasional site visits). He holds a B.E. Electrical & an Executive MBA degree).