Site navigation

Tech Firms Create Alliance to Tackle Operational Cybersecurity Risks

Duncan MacRae

,

oil and gas

The alliance aims to deliver comprehensive cyber security guidelines for operational technology.

The Operational Technology Cyber Security Alliance (OTCSA) has been formed to help companies address operational technology (OT) security challenges that continue to put business at risk.

Cyber-attacks on critical and industrial infrastructure are said to be on the rise, impacting operational reliability and business risk across all industries, including utilities, manufacturing and oil & gas. Threats to OT – the hardware and software dedicated to monitoring and controlling physical devices such as valves, pumps, etc. – can disrupt operations, negatively impact productivity, cause ecological damage and compromise human safety.

To help mitigate this risk, a new global alliance focused on cyber security launched today.

The OTCSA, which consists of tech firms around the globe including Fortinet, Microsoft, Check Point Software and Splunk, is expected to provide important leadership and guidance for organisations that are trying to protect their operational technology from sophisticated threats.

Recommended

Kevin Prouty, group VP for IDC Energy Insights and Manufacturing Insights, said: “One of the driving forces behind IT and OT convergence is cyber security of operational systems, like SCADA, MES, controllers, etc. OT has typically been managed as individual devices, which has made it very difficult for IT to maintain its cyber security mandate.

“Senior executives are tasking operations executives to get their OT systems integrated into the overall enterprise cyber security governance. IDC’s IT/OT Convergence survey from 2018 shows that 65% of manufacturing, mining, oil & gas and utility companies see cyber security as the highest priority in IT and OT governance.”

The OTCSA mission is five-fold:

  • Strengthen cyber-physical risk posture of OT environments and interfaces for OT/IT interconnectivity
  • Guide OT operators on how to protect their OT infrastructure based on a risk management process and reference architectures/designs which are demonstrably compliant with regulations and international standards, such as IEC 62443, NERC CIP and NIST 800-53
  • Guide OT suppliers on secure OT system architectures, relevant interfaces and security functionalities
  • Support the procurement, development, installation, operation, maintenance and implementation of a safer, more secure critical infrastructure
  • Accelerate the time to adopt safer, more secure critical infrastructures

Until now, there has been no industry group focused on improving cyber risk posture by providing tangible architectural, implementation and process guidelines to OT operators so that they can navigate necessary changes, upgrades and integrations to evolving industry standards and regulations. These security guidelines will cover the entire lifecycle – procurement, development, deployment, installation, operation, maintenance and decommissioning – and address aspects related to people, processes and technology.

OTCSA promotes collaboration amongst leading IT and OT companies, thought leaders in the cyber security community and vendors and OT operators from a variety of industries. Membership is open to any company that operates critical infrastructure or general OT systems to run its business (OT operators) as well as companies providing IT and OT solutions (solution providers).

Digit Expo 2019 Email banner

Avi Rembaum, VP of Security Solutions, Check Point Software Technologies, said: “Operational technologies represent a key cyber target for multiple threat actors, with potentially devastating economic and physical effects on countries, companies and people. The OTCSA is focused on providing the community with architectural guidelines and best practices for implementing advanced operational technologies in a secure way.”

Phil Quade, CISO, Fortinet, added: “The negative consequences of compromised critical infrastructures are as severe as ever, while the complexity and urgency in securing them continues to escalate. The coming together of an action-oriented group of stakeholders who share a common vision of more secure and resilient critical infrastructure is an important step in meaningful collaboration. The OTCSA will address the unique challenges of securing OT environments, which is fundamental to maintaining our economic competitiveness, national and personal security and public safety.” –

To learn more about the OTCSA or to become a member, visit: https://www.otcsalliance.org.

Duncan MacRae

Editor

Latest News

Cybersecurity Data Protection
Editor's Picks Recruitment Trending Articles
Cybersecurity Featured Skills
%d bloggers like this: