Cyber-attacks on critical and industrial infrastructure are on the rise, impacting operational reliability and business risk across all industries, including utilities, manufacturing and oil & gas. Threats to operational technology (OT) – the hardware and software dedicated to monitoring and controlling physical devices such as valves, pumps, etc. – can disrupt operations, negatively impact productivity, cause ecological damage and compromise human safety. To help mitigate this risk, a new global alliance focused on cyber security launched today. The Operational Technology Cyber Security Alliance (OTCSA) was established to help companies address the OT security challenges that continue to put operations, and consequently, business at risk.
“One of the driving forces behind IT and OT convergence is cyber security of operational systems, like SCADA, MES, controllers, etc. OT has typically been managed as individual devices, which has made it very difficult for IT to maintain its cyber security mandate,” said Kevin Prouty, Group VP for IDC Energy Insights and Manufacturing Insights. “Senior executives are tasking operations executives to get their OT systems integrated into the overall enterprise cyber security governance. IDC’s IT/OT Convergence survey from 2018 shows that 65 percent of manufacturing, mining, oil & gas and utility companies see cyber security as the highest priority in IT and OT governance.”
Industry leaders ABB, Check Point Software, BlackBerry Cylance, Forescout, Fortinet, Microsoft, Mocana, NCC Group, Qualys, SCADAFence, Splunk and Wärtsilä have partnered to establish the OTCSA.
The OTCSA mission is five-fold:
- Strengthen cyber-physical risk posture of OT environments and interfaces for OT/IT interconnectivity
- Guide OT operators on how to protect their OT infrastructure based on a risk management process and reference architectures/designs which are demonstrably compliant with regulations and international standards, such as IEC 62443, NERC CIP and NIST 800-53
- Guide OT suppliers on secure OT system architectures, relevant interfaces and security functionalities
- Support the procurement, development, installation, operation, maintenance and implementation of a safer, more secure critical infrastructure
- Accelerate the time to adopt safer, more secure critical infrastructures
“OTCSA aims to bridge dangerous gaps in security for critical and OT infrastructure and ICS to support and improve the daily lives of citizens and workers in an evolving world,” said Satish Gannu, Chief Security Officer, ABB & Senior Vice President, Architecture and Analytics, ABB Ability™. “Industry collaboration to establish guidelines is required to quickly advance the posture of OT, which is already a decade behind IT when it comes to security.”
Until now, there has been no industry group focused on improving cyber risk posture by providing tangible architectural, implementation and process guidelines to OT operators so that they can navigate necessary changes, upgrades and integrations to evolving industry standards and regulations. These robust security guidelines will cover the entire lifecycle – procurement, development, deployment, installation, operation, maintenance and decommissioning – and address aspects related to people, processes and technology.
OTCSA promotes collaboration amongst leading IT and OT companies, thought leaders in the cyber security community and vendors and OT operators from a variety of industries. Membership is open to any company that operates critical infrastructure or general OT systems to run its business (OT operators) as well as companies providing IT and OT solutions (solution providers).
To learn more about the OTCSA or to become a member, visit: https://www.otcsalliance.org.
Quotes from OTCSA Members
“BlackBerry Cylance is honored to join this multidisciplinary alliance with the mission to rethink the way we secure the world’s most critical systems. The OTCSA will provide important leadership and guidance for organizations working hard to protect their operational technology from sophisticated threats.” – Eric Cornelius, CTO, BlackBerry Cylance
“Operational technologies represent a key cyber target for multiple threat actors, with potentially devastating economic and physical effects on countries, companies and people. The OTCSA is focused on providing the community with architectural guidelines and best practices for implementing advanced operational technologies in a secure way. Check Point’s Infinity Architecture and Fifth Generation threat prevention strategy align with the goals of the alliance, and Check Point is proud to be a founding member of this important initiative.” – Avi Rembaum, Vice President of Security Solutions, Check Point Software Technologies
“Critical infrastructures and industrial control systems are essential to organization revenue and profits and the global economy. As the market leader in device visibility and control, Forescout is committed to collaborating with the industry to establish architectural, implementation and process guidelines that further strengthen the cyber security risk posture and resiliency of operational technology.” – Damiano Bolzoni, Vice President of Industrial and OT Business, Forescout.
“The negative consequences of compromised critical infrastructures are as severe as ever, while the complexity and urgency in securing them continues to escalate. The coming together of an action-oriented group of stakeholders who share a common vision of more secure and resilient critical infrastructure is an important step in meaningful collaboration. The OTCSA will address the unique challenges of securing OT environments, which is fundamental to maintaining our economic competitiveness, national and personal security and public safety.” – Phil Quade, CISO, Fortinet
“We are in a pivotal moment for critical infrastructure protection. As the nature of the threats we face becomes increasingly sophisticated, the OTCSA will provide an essential forum to bring together those who protect operational technology – like Mocana – and those who own and deploy it. Through listening to each other, we believe the entire OT sector can come together to make the world a safer place.” – Dean Weber, CTO, Mocana
“Our primary mission at NCC Group is to enable the strongest security possible from the very beginning of every project, and as a service provider, we have the freedom to implement vendor-neutral solutions that are most appropriate in each particular installation. We see every day the need for greater protection in many critical infrastructures, and we look forward to working with other industry leaders within the OTCSA to raise the level of security preparedness in operational technologies and industrial control systems.” – Kevin Dunn, SVP, NCC Group
“We are proud to be a member of the OTCSA and to work with other industry leaders to further the goal of bridging gaps in security for OT and critical infrastructures and industrial control systems (ICS). The time where individual companies provided security solutions that customers and operators had to ‘bolt on’ has passed. It is now about ‘building security in,’ which can only be achieved if we all work together, drastically reducing the growing cybersecurity risks as a result.” – Philippe Courtot, Chairman and CEO, Qualys.
“As threats to OT networks continue to expand and evolve and the need for securing OT networks becomes more pressing than ever, we are honored to be part of the OTCSA in an effort to define tools and frameworks for securing them.” – Elad Ben-Meir, CEO, SCADAfence
“As the volume of data grows around the world, it’s critical that organizations should not only leverage analytics to get insights but also take action on that data to drive digital transformation and become more competitive businesses. We are proud to work with OTCSA to help accelerate this shift globally. Security is a business enabler and we believe OTCSA’s mission provides an important opportunity to share and exchange best in class enterprise security practices to help businesses thrive.” – Haiyan Song, SVP and General Manager of Security Markets, Splunk
“The compromise of operational technology used in production facilities is becoming a preferred steppingstone for cybercriminals looking to find a way into a company’s network. There is a strong need to collaborate within our ecosystems of suppliers, customers and other partners, even competitors, to fight the common enemy of cyber-crime. The game is changing and so must we.” – Mark Milford, Vice President Cyber Security, Wärtsilä
Operational Technology Cyber Security Alliance (OTCSA) is a group of global industry-leading organizations focused on providing operational technology (OT) operators with resources and guidance to mitigate their cyber risk in an evolving world. Founded in 2019, OTCSA is the first group of its kind to architect a technical and organizational framework – the who, what and how – for safe and secure OT. Membership is open to all OT operators and IT/OT solution providers. Current members include ABB, Check Point Software, BlackBerry Cylance, Forescout, Fortinet, Microsoft, Mocana, NCC Group, Qualys, SCADAFence, Splunk and Wärtsilä.
1Forrester consulting study commissioned and published by Fortinet, May 2018