In recent years, there has been a surge in cyberattacks targeting operational technology (OT), prompting governments around the world to strengthen their cybersecurity regulations and policies. These attacks, which have targeted critical infrastructure such as power, water supply, and transportation systems, have highlighted the need for enhanced protection measures beyond traditional information technology (IT) security. In response, governments have taken various steps to address the growing threat of OT cyberattacks.
One country that has made significant strides in OT cybersecurity is the United States. In 2021, President Biden signed Executive Order 14028, which emphasized the importance of protecting both IT and OT systems. This was followed by the National Security Memorandum, which established a voluntary initiative to promote collaboration between the federal government and critical infrastructure providers in adopting minimum cybersecurity standards for industrial control systems (ICS) and OT.
The U.S. government has also introduced legislation to improve cybersecurity in key sectors. The Cyber Incident Reporting for Critical Infrastructure Act, signed into law in 2022, requires cyber incidents to be reported within 72 hours and ransom payments within 24 hours. Additionally, the U.S. Transportation Security Administration has introduced performance-based directives to enhance cybersecurity in the aviation, pipeline, and rail sectors.
Furthermore, the U.S. government has passed bipartisan laws to incentivize cybersecurity investments. For example, legislation has been introduced to strengthen network protection in the expansion of the nation’s electric-vehicle charging infrastructure. The same legislation has also established a cybersecurity grant program for state, local, and territorial governments to invest in digital security.
Similarly, the European Union (EU) has been proactive in enhancing its cybersecurity regulations. In 2016, the EU implemented the Security of Network and Information Systems (NIS) Directive to address cyber threats to critical infrastructure. In response to evolving threats, the EU has proposed the NIS 2 Directive to expand the scope of regulated objects and establish a response center, “EU-CyCLONe,” to support member countries in monitoring and responding to cyberattacks. Additionally, the EU has proposed the Cyber Resilience Act (CRA) to strengthen the cybersecurity of digital products and streamline the regulatory framework.
Japan has also prioritized OT cybersecurity in its National Security Strategy. The latest version emphasizes the importance of enhancing response capabilities to secure critical infrastructure and key systems. Japan has implemented various measures, such as continuous assessments of government agency information systems, improving responses to cyber threats, active cyber defense, cybersecurity information collection and analysis, and public-private information sharing. Japan has also formed partnerships with other countries to strengthen ICS security and established working groups and guidelines for the cybersecurity of buildings and plant systems.
With the increasing prevalence of OT cyberattacks, the focus on OT cybersecurity is gaining momentum globally. Governments are implementing regulations and standards to ensure consistent cybersecurity practices across critical infrastructure sectors. However, it is important to recognize the unique complexities of the OT environment and develop specialized approaches for OT cybersecurity. Proactive defense strategies, such as supply-chain security, asset inspection, endpoint detection, threat intelligence, network segmentation, vulnerability management, patching, and continuous monitoring, along with OT zero-trust solutions, are essential in averting or responding to OT cyberattacks.
OT cybersecurity is a critical aspect of protecting nations’ infrastructure and ensuring the reliable and safe operation of key systems. Governments, industry stakeholders, and cybersecurity solution providers must work together to strengthen OT security measures and achieve the high degree of cybersecurity sought by national governments.
About the Author:
Dr. Terence Liu is the CEO of TXOne Networks, a leading industrial cybersecurity company. With a wealth of experience in the cybersecurity industry, Dr. Liu has played an instrumental role in developing innovative cybersecurity solutions. He has led the company in collaborating with manufacturers and critical infrastructure operators to create practical and operations-friendly approaches to cyber defense. Dr. Liu’s expertise extends to the protection of industrial control systems and operational technology environments through the OT zero-trust methodology.