Protecting Information and System Integrity in Industrial Control System Environments

To stay competitive, manufacturers are increasingly connecting their operational technology (OT) systems to their information technology (IT) systems. Manufacturers are harnessing technology to expand enterprise-wide connectivity and to enable remote access resulting in enhanced, more innovative business processes and capabilities.

Cybersecurity guidance that empowers manufacturers to protect their operations from data integrity attacks in Industrial Control System environments.

To keep a competitive edge, manufacturers are connecting their operational technology (OT) systems to their information technology (IT) systems. While integrating IT and OT networks has helped manufacturers boost productivity and gain efficiencies, it has also made them more vulnerable to cybersecurity threats posed by malicious actors.
Status: Reviewing Comments

The public comment period has closed for draft NIST Cybersecurity Practice Guide SP 1800-10, Protecting Information and System Integrity in Industrial Control System Environments. Thank you to everyone who shared their feedback with us. We are currently reviewing the comments received as work continues on the implementation of the demonstration and development of other sections of the publication. 

Project Abstract

Many manufacturing organizations rely on industrial control systems (ICS) to monitor and control their machinery, production lines, and other physical processes that produce goods. To stay competitive, manufacturers are connecting their operational technology (OT) systems to their information technology (IT) systems to enhance their business processes and capabilities.  

Although the integration of IT and OT networks are helping manufacturers boost productivity and gain efficiencies, it has also provided malicious actors, including nation states, common criminals, and insider threats, a fertile landscape where they can exploit cybersecurity vulnerabilities to compromise the integrity of ICS and ICS data. The motivations behind these attacks can range from degrading manufacturing capabilities, financial gain, to causing reputational harm.   

This project has produced example solutions that manufacturing organizations can use to mitigate ICS integrity risks, strengthen the cybersecurity of OT systems, and protect the data that these systems process. 

As manufacturers embrace technology to boost productivity and gain efficiencies, they must also use it to bolster their cyber defenses to protect their people, data, and operations.

Collaborating Vendors

Organizations participating in this project submitted their capabilities in response to an open call in the Federal Register for all sources of relevant security capabilities from academia and industry (vendors and integrators). The following respondents with relevant capabilities or product components (identified as “Technology Partners/Collaborators” herein) signed a Cooperative Research and Development Agreement to collaborate with NIST in a consortium to build this example solution.

Join the Community of Interest

A Community of Interest (COI) is a group of professionals and advisors that share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Members typically meet monthly by teleconference. Share your expertise and consider becoming a member of this project's COI.

Request to join
Employee speaking on video call with colleagues on online briefing with laptop at home