Aside from ensuring OT system and process awareness, organizations should also strengthen cyber incident investigation and response efforts, bolster OT data protections, separate OT networks from IT networks, and include their vendors and managed service providers to their supply chain assurance programs, as well as employ individuals who would guarantee OT network defenses, according to the guidance. “A cyber-related incident cannot be prevented or identified in OT without people that possess the necessary tools and training creating defenses and looking for incidents.

Source: SC Magazine