Latest CISA cyber guidance urges organizations to inventory OT assets

Latest CISA cyber guidance urges organizations to inventory OT assets

CISA’s latest guidance on inventorying OT assets comes as cyber experts warn many critical infrastructure organizations “don’t even know what they have.”

Justin Doubleday@jdoubledayWFED

August 13, 2025 6:14 pm

3 min read

The Cybersecurity and Infrastructure Security Agency has rolled out new guidance to help deal with what some cyber experts say is a rising concern: a lack of visibility into threats to operational technology.

CISA on Wednesday published “Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators.” CISA developed the guidance in conjunction with other agencies, including the Environmental Protection Agency, the National Security Agency, the FBI and several international partners.

The guidance focuses on operational technology, which refers to hardware and software that monitor and control physical processes in industrial settings.

“OT systems are essential to the daily lives of all Americans and to national security,” Acting CISA Director Madhu Gottumukkala said in a press release. “They power everything from water systems and energy grids to manufacturing and transportation networks. As cyber threats continue to evolve, CISA through this guidance provides deeper visibility into OT assets as a critical first step in reducing risk and ensuring operational resilience.”

The new guidance describes how to inventory OT systems across multiple sectors and categorize them using different taxonomy, depending on the sector in question. For instance, oil and gas organizations may use different terms for systems compared to water and wastewater operators.

Inventorying systems is a key first step in building a “modern defensible architecture,” CISA explains in its guidance.

Policymakers are increasingly concerned that hackers have been targeting OT systems, which could derail or otherwise dangerously impact the operation of physical systems at industrial plants or in other critical settings.

Agency officials have also warned that many cyber and IT professionals lack the training and expertise needed to secure OT systems.

During a House Homeland Security Committee cybersecurity subcommittee hearing on July 22, cyber experts discussed threats to critical infrastructure and how to defend against rising OT threats.

“I would say we need to start even at the very beginning,” Tatyana Bolton, executive director of the Operational Technology Cyber Coalition. “Most sectors have not done an OT asset inventory. So they don’t even know what they have.”

Multiple cyber experts told the committee that OT network operators need more assistance at the federal, state and local levels to help monitor and defend against cyber threats. The advice comes as experts are particularly concerned about China-linked intrusions into critical infrastructure networks, such as the “Volt Typhoon” group.

“If you actually want to monitor your OT infrastructure to figure out, is China already there, I would say probably about 10% of the infrastructure around the country is being monitored,” Rob Lee, chief executive and co-founder of Dragos, told lawmakers. “So when we’re having big discussions about what comes next, I would just highlight that we’re not even really being serious about what we know today.”

Last September, CISA warned that pro-Russia hacktivists were exploiting internet-accessible OT and industrial control systems, including in the water and wastewater sector. CISA said the hackers were using “unsophisticated means” to access devices and cause harm.

“Operational technology is foundational to the operations of the nation’s critical infrastructure,” Chris Butera, CISA’s acting executive assistant director for cybersecurity, said as part of today’s release. “Securing operational technology and industrial control systems has been a priority for CISA for many years and remains a priority into the future. The joint asset inventory guide we published with our U.S. and international government partners is a valuable resource that helps organizations effectively identify and secure their most vital assets, reduce the risk of cybersecurity incidents, and ensure the continuity of their mission and services.”

Copyright
© 2025 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.