Skip to Content

NSA and CISA Control System Defense Guidance

Updated on 2022-09-27

NSA and CISA have issued guidance on how to secure OT and ICS infrastructure. Best practices include: Limiting exposure to system data, identifying remote access points, restricting tools and scripts, conducting regular security audits, and implementing a dynamic network environment. MORE | READ THE ADVISORY

Updated on 2022-09-21

The US National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) have jointly published guidance for securing operational technology (OT) and industrial control systems (ICS) that are part of the country’s critical infrastructure. The cybersecurity advisory includes information about the tactics, techniques, and procedures that threat actors use to infiltrate OT/ICS systems along with recommended mitigations to protect these systems.


  • Read the report to understand how and what OT systems are targeted. Also note information regarding how the inner workings (including weaknesses) are generally available. Recall that information about which OT systems you have may be published inadvertently, such as capturing it in publicity photos celebrating accomplishments, so you cannot assume this information is proprietary.


Overview: NSA & CISA guide for OT/ICS networks

After issuing several guidelines and recommendations on various topics throughout the year, NSA and CISA officials have now turned their sights to OT/ICS networks. Read more: NSA, CISA: How Cyber Actors Compromise OT/ICS and How to Defend Against It

    Ads Blocker Image Powered by Code Help Pro

    It looks like you are using an adblocker.

    Ads keep our content free. Please consider supporting us by allowing ads on