Designing safer links: secure connectivity for operational technology

The United Kingdom’s National Cyber Security Centre (NCSC) has published new guidance setting out new secure connectivity principles for operational technology (OT). These principles are intended to help organizations design, review and secure the connectivity within and to their OT systems, transforming system understanding into positive cyber security action.

Connectivity in OT environments brings benefits such as remote monitoring, predictive maintenance and integrated analytics. But it also expands the attack surface. Legacy and obsolete devices, complex vendor supply chains and remote access arrangements can all introduce risks that may lead to downtime, safety incidents or even environmental harm.

Many historic OT environments were never designed with modern connectivity in mind. As a result, security gaps can be hard to close once systems are operational. The new guidance provides principles for ensuring that future connectivity decisions are risk-aware, security-driven and implemented with resilience ‘built in’, while also encouraging retrospective improvements to existing architecture.

Read more at National Cyber Security Centre