NIST Seeks Comment On Draft Cyber Guide for Energy Asset Management

The National Institute of Standards and Technology (NIST) and its National Cybersecurity Center of Excellence (NCCoE) have released a draft cybersecurity guide for energy sector asset management.  NCCoE is seeking comments on the draft through Nov. 25.

The guide is intended to help energy organizations “strengthen their operational technology (OT) asset management practices by leveraging capabilities that may already exist within their operating environment or by implementing new capabilities.”

As part of its effort to create the guide, NCCoE built a laboratory environment at NIST to develop capabilities that energy companies can use to identify and manage OT assets and detect cybersecurity risks associated with them.

NCCoE worked with energy sector leaders and private sector technology vendors to develop the guide, though it did note that the guide “does not endorse [any] particular products, nor does it guarantee compliance with any regulatory initiatives.” Specifically, the guide provides solutions that will enable energy companies to manage, monitor, and establish baseline OT assets to reduce the risk of cybersecurity incidents.

Read more at: MeriTalk