Skip to content

Empowering OT security to navigate infrastructure cyber threats using NIST SP 800-82r3 recommendations

Posted by: GuidePoint Security

2 min read

October 16, 2023 – Published on Industrial Cyber

With repercussions from cybersecurity threats and attacks on infrastructure control system owners/operators becoming increasingly significant and apparent, the National Institute of Standards and Technology (NIST) responded last month by introducing the NIST SP 800-82r3 document. The guidance centers on safeguarding operational technology (OT), pivotal for overseeing crucial infrastructure across sectors such as energy, water, transportation, and manufacturing. Dealing with the complex landscape of cybersecurity threats, vulnerabilities, and risks poses a significant challenge for infrastructure control system owners and operators, particularly in light of resource constraints.

The NIST SP 800-82r3 document serves as a crucial resource, offering comprehensive guidance on fortifying the security of OT systems. It addresses the specific challenges faced by OT environments in various sectors, emphasizing implementation of robust security measures to mitigate risks and ensure the resilience of critical infrastructure. By delineating best practices and risk management strategies tailored to the intricacies of OT, the NIST SP 800-82r3 document facilitates a proactive approach to cybersecurity, enabling organizations to safeguard their operations against emerging threats.

“The biggest challenges are resources, specifically finding qualified personnel with experience to handle 16 different types of OT organizations and the financial means to support these efforts,” Chris Warner, senior security consultant for OT governance and risk at GuidePoint Security, told Industrial Cyber. “Most importantly, the time it will take to perform these activities will assist organizations to employ consultants or advisors to assist in what has needed to be done over a decade when attacks first started happening.” 

Warner added that “we’ve seen drastic increases in attacks in the last 5-8 years yet organizations have not had the resources or focus due to compliance demands which is not security and finding qualified, experienced OT/IT security personnel that understand both to ensure we move into Industry 4.0 with business resilience as these organizations are on the front lines protecting countries critical infrastructure.”

Read More HERE.

Categories: Cybersecurity News
Tags:ICS

GuidePoint Security

ICS Security Services
Bridge the IT and OT gap with a Security Program Review, Security Architecture Review, and ICS Penetration Testing.
Download

Related Articles

View All

  • Cybersecurity
ICS Security Services
Read More < 1 min read
  • OT Security Services
Building and Enhancing OT/ICS Security Programs Through Governance, Risk, and Compliance (GRC)
Posted by: Christopher Warner
Read More 4 min read
  • Blog
Protecting Critical Infrastructure: A Collaborative Approach to Security for ICS, OT, and IIoT
Posted by: Christopher Warner
Read More 4 min read