The United States and its allies have published a joint guidance to help operational technology owners and operators safeguard critical infrastructure.
Table of Contents
Joint Effort to Strengthen Critical Infrastructure Security
The Cybersecurity and Infrastructure Security Agency, in collaboration with the National Security Agency, the FBI, the Environmental Protection Agency and cybersecurity authorities from Australia, Canada, Germany, the Netherlands and New Zealand, published the guidance, titled “Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators.”
Intelligence-gathering and analysis are critical to protecting national security amid increasing threats, technological advancements and geopolitical shifts. The Potomac Officers Club’s 2025 Intel Summit will bring together the intelligence community’s top leaders to provide their insights into the challenges and opportunities facing the IC. Register now and take the opportunity to gain insights into the future of intelligence.
The cybersecurity technical report provides a structured approach for creating and maintaining OT asset inventories and taxonomies. OT systems support essential functions like process automation, industrial control systems and cyber-physical operations that support energy grids, water systems, manufacturing and transportation networks.
Building OT System Visibility and Resilience
The guidance emphasizes that comprehensive asset inventories are critical for identifying and securing key systems and reducing the risk of cybersecurity incidents.
“OT systems are essential to the daily lives of all Americans and to national security,” said Madhu Gottumukkala, acting CISA director. “As cyber threats continue to evolve, CISA through this guidance provides deeper visibility into OT assets as a critical first step in reducing risk and ensuring operational resilience.”
NSA officials, meanwhile, stressed the importance of the guidance in defending national security systems, Department of Defense networks and the defense industrial base from malicious cyber activity.
Organizations are encouraged to review the document, which aligns with the Cross-Sector Cybersecurity Performance Goals, and adopt the best practices outlined to ensure safety, resilience and mission continuity across operational environments.
