New OT asset inventory guidance unveiled by US, partners

Mounting cybersecurity threats aimed at operational technology systems have prompted the Cybersecurity and Infrastructure Security Agency, the FBI, the National Security Agency, and the Environmental Protection Agency, as well as cybersecurity enforcement agencies in Canada, Germany, the Netherlands, Australia, and New Zealand, to unveil joint guidelines for OT asset inventorying, reports Cybersecurity Dive.

Organizations should not only improve the usefulness of their OT asset inventories through proper threat prioritization, asset maintainance plan assessments, and spare-part inventory reviews but also compare outdated system replacement costs and potential outage losses, implement secure-by-design systems, and leverage more robust inventory management processes, according to the guidance, which has been developed alongside American Water, Southern California Edison, Duke Energy, and British Petroleum. “Using these tools helps owners and operators identify which assets in their environment should be secured and protected, and structure their defenses accordingly to reduce the risk a cybersecurity incident poses to the organizations mission and service continuity,” said the agencies.