Protecting Information and System Integrity in Industrial Control System Environments
To stay competitive, manufacturers are increasingly connecting their operational technology (OT) systems to their information technology (IT) systems. Manufacturers are harnessing technology to expand enterprise-wide connectivity and to enable remote access resulting in enhanced, more innovative business processes and capabilities.
Cybersecurity guidance that empowers manufacturers to protect their operations from data integrity attacks in Industrial Control System environments
Project Abstract
Many manufacturing organizations rely on industrial control systems (ICS) to monitor and control their machinery, production lines, and other physical processes that produce goods. To stay competitive, manufacturers are connecting their operational technology (OT) systems to their information technology (IT) systems to enhance their business processes and capabilities.
Although the integration of IT and OT networks are helping manufacturers boost productivity and gain efficiencies, it has also provided malicious actors, including nation states, common criminals, and insider threats, a fertile landscape where they can exploit cybersecurity vulnerabilities to compromise the integrity of ICS and ICS data. The motivations behind these attacks can range from degrading manufacturing capabilities and financial gain, to causing reputational harm.
This project has produced example solutions that manufacturing organizations can use to mitigate ICS integrity risks, strengthen the cybersecurity of OT systems, and protect the data that these systems process.
As manufacturers embrace technology to boost productivity and gain efficiencies, they must also use it to bolster their cyber defenses to protect their people, data, and operations.
Collaborating Vendors
Organizations participating in this project submitted their capabilities in response to an open call in the Federal Register for all sources of relevant security capabilities from academia and industry (vendors and integrators). The following respondents with relevant capabilities or product components (identified as “Technology Partners/Collaborators” herein) signed a Cooperative Research and Development Agreement to collaborate with NIST in a consortium to build this example solution.
Join the Community of Interest
A Community of Interest (COI) is a group of professionals and advisors who share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Share your expertise and consider becoming a member of this project's COI.