Posted by
Share this article
Operational Technology cyber security addresses the risks in hardware and software that controls, monitors, and changes industrial equipment, including its supporting environment, networks, and supply chain. In these complex, blended systems, there are unique security challenges and threat vectors that require careful examination.
Why is OT cyber security important?
The threat to Critical National Infrastructure (CNI) and critical manufacturing is on the increase, with 93% of industrial organisations experiencing an OT incident in the past year, with 78% of these experiencing more than three intrusions. Businesses and suppliers must act with urgency to avoid major attacks. With OT in critical infrastructure or safety-critical environments, physical-cyber security is even more important.
How can OT cyber security be accurately governed?
Thanks to the internationally recognised standards such as the ISA/IEC 62443 Series of Standards for Industrial Automation and Control Systems and the NIST Guide to OT Security 800-82r3, OT organisations can develop a solid foundational cyber framework, accurately assess risks, design secure systems and controls, and uplift their cyber maturity.
How can Tesserent help?
As Australia’s leading provider of full-service cybersecurity services in Australia and New Zealand, Tesserent is helping OT businesses increase their cyber maturity. Our OT services include comprehensive reviews of all systems and documentation, including site visits and deep investigation. Our reports are structured to deliver clear, actionable takeaways and detailed architectures where required.
OT Cyber Security Management System Uplift
Our uplift service establishes an Operational Technology (OT) and Industrial Control System (IACS) Cybersecurity Program, leveraging the IEC 62443 series of standards or the NIST Guide to OT Security.
OT Security Risk Assessment
Our comprehensive IACS risk assessment across your systems is aligned to IEC 62443 Part 3-2: Security Risk Assessment for System Design.
Security Level Assessment for OT Technical Controls
Our technical control assessment verifies the effectiveness of your OT technical controls deployed within IACS systems and components, as outlined in IEC 62443 Part 3-3: System Security Requirements and Security Levels.
Industry-specific coverage
Our services can be tailored for sectors and industries that have specific OT cybersecurity frameworks, guidance or directives, including:
- Critical Infrastructure Act 2018 (SOCI)
- Australian Energy Sector Cybersecurity Framework (AESCSF)
- TS50701 Railway applications cybersecurity: an international framework for trains and rail operations
- Water Services Association of Australia (WSAA) Cyber Security Resilience Primer-For Directors and Executives
- Transport Security Amendment Bill 2022
Extended ISA/IEC 62443 Coverage
Available upon request, including:
- OT asset discovery
- Patch management in the IACS environment
- Implementation guidance for asset owners
- IACS security lifecycle and use-cases
- Security system conformance metrics
- Product security development lifecycle requirements
Written by Opeyemi Ajibola
Contact us
Speak with a Tesserent
Security Specialist
Tesserent is a full-service cybersecurity and secure cloud services provider, partnering with clients from all industries and all levels of government. Let’s talk.