"The OT Security Dozen" – A 12 Part Series on Building an OT / ICS Cyber Security Program


Disclaimer: All views presented here, in this newsletter, are my own.

Neither the author nor the newsletter is liable for any actions taken by any individual or any organization / business / entity. The information provided is for education and awareness and is not specific to any business or situation.

M. Yousuf Faisal


The OT Security Dozen

I'm excited to share some experience and insights on the 12 foundational steps for an “Operational Technology (OT) / Industrial Control Systems (ICS) Cyber security Program”, which I'm calling “The OT Security Dozen”. This will hopefully serve as guidance, or as building blocks, to improve and operationalize cyber security practices for OT / ICS operations, especially for industrial organizations worldwide (the APAC manufacturing sector in particular) that are either looking to start their journey and are not sure where to begin or, in some cases, trying to improve/mature their current initiatives.

Phase 1 - Evaluate | Assess | Discover | Define (Identify)

Phase 2 - Implement | Deploy (Predict, Protect/Prevent & Detect) 

5. OT / ICS Secure Remote Access

6. OT / ICS Access Control (IDAM)

7. OT / ICS Endpoint Protections & Controls (AV, Host IDS/EDR, Data Protection, USB controls)

8. OT / ICS Configuration Hygiene & Patch Management

Phase 3 - Monitor, Measure & Maintain (Detect & Respond)

9. OT / ICS Supply Chain Security (risks related to SBOM, OEMs, third-party service providers)

10. OT / ICS Cyber security Monitoring (via an Integrated SOC / MSS Operations) & Threat Intelligence

11. OT / ICS Backups, Incident Response & BCP

12. OT / ICS Audit, Security Testing & Continuous Measurement

Obviously, this is not an exhaustive list of control initiatives around people, processes and technology for the world of OT / ICS. However, “The OT Security Dozen” will provide you with the strong and solid foundation required for establishing and running a successful OT / ICS Cyber security Program as part of an OT CSMS (Cybersecurity Management System), either as a standalone program and/or as a subset of a broader ISMS initiative. All with an OT Cybersecurity awareness piece wrapped around it.

Some of these 12 initiatives can be run in parallel and some may be better run sequentially. Their prioritization may differ from one organization to another, based on several factors and the uniqueness of an organization's environment (e.g., network architecture, culture, people, processes, budget and skill sets). Regardless of the prioritization sequence, successful execution of these initiatives will raise your maturity level against whichever industry standard the organization prefers and/or your compliance with any applicable standards/regulations.

In the posts that follow in this twelve-part series, the OT Dozen, I’ll dive deep into each of these initiatives, along with potential mappings to some industry best practices and standards (e.g., IEC 62443, NIST CSF, CSC Top 18 and others).

What does your OT Security Dozen look like, and why? Please share, comment, like, and provide feedback.

Follow me on LinkedIn and #securingthings and @securingthings to receive updates.

Please feel free to register your interest by commenting below, sending me a DM, and/or dropping your name and email to [email protected] if you want to receive training/workshops, have project-related inquiries, want to have a professional discussion, or just want a friendly chat.

Check out Part 1 – OT / ICS Cyber security Assessments / Reviews in upcoming posts.

It’s a great day to start Securing:Things~

This is my first attempt at publishing something on LinkedIn, so I'm looking forward to getting constructive critique and learning from asset owners/end users, industry experts and professionals about their thoughts and experiences on what works best in relation to the topic.

About the Author:

M. Yousuf Faisal (EMBA, GICSP, ISO 27001 LA, CISSP, CISM, CISA) has two decades of technology & IT/OT Cyber security-related industry experience, helping organizations secure their digital transformation journey (with secure-by-design principles). He has served both as an end user and, mostly, as a consultant/advisor across multiple industrial sectors and enterprise organizations. He is currently the founder of an independent IT & OT cybersecurity advisory/consulting services and solutions business, providing services to clients globally (remotely and/or with occasional site visits). He holds a B.E. Electrical & an Executive MBA degree.

