With the continuing increase in cyber-attacks on critical and industrial infrastructure, a group of operational technology (OT) industry leaders have joined together to form the Operational Technology Cyber Security Alliance (OTCSA).
According to Kevin Prouty, Group VP for IDC Energy Insights and Manufacturing Insights: “One of the driving forces behind IT and OT convergence is cyber security of operational systems, like Scada, MES, controllers etc. OT has typically been managed as individual devices, which has made it very difficult for IT to maintain its cyber security mandate.
“IDC’s IT/OT Convergence survey from 2018 shows that 65 per cent of manufacturing, mining, oil and gas and utility companies see cyber security as the highest priority in IT and OT governance,” Prouty concluded.
The founding members of OTCSA - ABB, Check Point Software, BlackBerry Cylance, Forescout, Fortinet, Microsoft, Mocana, NCC Group, Qualys, ScadaFence, Splunk and Wärtsilä - have a five-pronged mission.
The organisation aims to: strengthen the cyber-physical risk posture of OT environments and interfaces for OT/IT interconnectivity; guide OT operators on how to protect their OT infrastructure based on a risk management process and reference architectures/designs; guide OT suppliers on secure OT system architectures, relevant interfaces and security functionalities; support the procurement, development, installation, operation, maintenance and implementation of safer, more secure critical infrastructure; and accelerate the time to adopt safer, more secure critical infrastructures.
“OTCSA aims to bridge dangerous gaps in security for critical and OT infrastructure and ICS to support and improve the daily lives of citizens and workers in an evolving world,” says Satish Gannu, Chief Security Officer, ABB and Senior Vice President, Architecture and Analytics, ABB Ability.
“Industry collaboration to establish guidelines is required to quickly advance the posture of OT, which is already a decade behind IT when it comes to security,” Gannu concludes.
OTCSA is promoting collaboration among leading IT and OT companies, thought leaders in the cyber security community and vendors and OT operators from a variety of industries. Membership is open to any company that operates critical infrastructure or general OT systems to run its business, as well as companies providing IT and OT solutions.