Navigating the New Landscape of OT Cybersecurity in 2024: A 3-Part Guide for Operators (Part 2)
Part Two
In the rapidly evolving domain of operational technology (OT) cybersecurity, 2024 is a pivotal year. Two major developments – the Securities and Exchange Commission’s (SEC) cybersecurity reporting rule and the release of NIST 800-82r3 – are set to reshape the landscape for cybersecurity expectations. This article aims to provide OT operators with an understanding of these changes, alongside practical recommendations for an enhanced cybersecurity posture.
In this three-part series, we look at the compelling regulations and standards that emerged in 2023 and that will drive focus and changes throughout 2024 in how OT operators look at “enterprise risk”.
NIST to the Rescue - NIST 800-82r3: A Milestone for OT Cybersecurity
The National Institute of Standards and Technology’s (NIST) Special Publication 800-82r3 (Revision 3), Guide to Operational Technology Security, represents a significant update in the realm of operational technology cybersecurity. The latest guideline for industrial control systems (ICS) security was released in mid-December 2023. It provides comprehensive insights and practices tailored to protect critical infrastructure and OT environments from evolving cyber threats.
NIST 800-82r3 is designed to offer a roadmap for securing OT systems, encompassing a wide range of industries including energy, water, transportation and manufacturing. It acknowledges the unique challenges faced by OT operators, such as the need to balance security with uninterrupted operational uptime and the integration of legacy systems with modern technologies.
Key Updates in NIST 800-82r3:
Enhanced Focus on Emerging Technologies
The new revision includes updated guidance on securing wireless communication and mobile devices within OT environments, reflecting the growing adoption of these technologies in industrial settings.
Expanded Threat Model
NIST 800-82r3 introduces a more comprehensive threat model, addressing the sophisticated and evolving nature of cyber threats targeting OT systems, including ransomware and state-sponsored attacks.
Integration of Cyber-Physical Systems
The guidelines now provide more detailed advice on securing cyber-physical systems, acknowledging the increasing convergence of IT and OT and the resulting cybersecurity challenges. This revision offers a template for mapping and cross-referencing OT controls with IT cybersecurity controls from the NIST CSF and 800-53.
Guidance on Supply Chain Security
Recognizing the interconnected nature of OT environments, the latest revision includes recommendations for managing supply chain risks, a critical aspect given the cascading effects a single vulnerability can have across an entire supply network.
Recommendations for OT Operators:
Adopt the Updated Guidelines
OT operators should thoroughly review and adopt the recommendations outlined in NIST 800-82r3. This involves updating existing cybersecurity policies and procedures to align with the practices and controls in the publication that are relevant to their operations.
Another Call to Conduct Regular Risk Assessments
In line with NIST 800-82r3’s emphasis on a risk-based approach, OT operators should conduct regular and comprehensive risk assessments. This includes identifying potential vulnerabilities, assessing the impact of various cyber threats and prioritizing mitigation efforts based on risk levels.
Invest in Training and Awareness
Ensuring that staff are aware of and trained in the latest cybersecurity practices is crucial. OT operators should invest in ongoing education and training programs to keep teams informed about the guidelines in NIST 800-82r3 and competent in applying them.
Strengthen Incident Response Capabilities
NIST 800-82r3 underscores the importance of a robust incident response framework. OT operators should ensure that their incident response plans are up to date, tested regularly and capable of addressing the unique challenges of OT environments.
Leverage Community and Industry Resources
Engaging with industry groups, cybersecurity communities and government bodies can provide additional insights and support in implementing the guidelines. Sharing experiences and best practices with peers can also enhance collective cybersecurity resilience.
The release of NIST 800-82r3 is more than just a regulatory update; it's a pivotal resource for OT operators aiming to fortify their defenses against the complex and dynamic cyber threats of today’s digital landscape. By adhering to these guidelines, OT operators can not only ensure compliance but also significantly enhance the security and resilience of critical infrastructure systems. 