Red Hot Cyber


OT Under Fire! CISA Releases Critical Asset Inventory Guide

Redazione RHC : 18 August 2025 09:04

CISA, in collaboration with international partners, has published a comprehensive guide, titled “OT Cybersecurity Fundamentals: Asset Inventory Guide for Owners and Operators,” to strengthen cybersecurity defenses in critical infrastructure sectors.

The document emphasizes the critical importance of maintaining accurate inventories of operational technology (OT) assets, as malicious cyber actors increasingly target industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, and programmable logic controllers (PLCs) in the energy, water, and manufacturing sectors.

These attacks exploit vulnerabilities in legacy systems, weak authentication mechanisms, insufficient network segmentation, insecure OT protocols such as Modbus and DNP3, and compromised remote access points.

The guide introduces a systematic approach using OT taxonomies based on the ISA/IEC 62443 regulatory framework.

Organizations are encouraged to categorize assets into Zones (logical groupings of assets that share common security requirements) and Conduits (communication paths with shared cybersecurity requirements between zones).

The framework prioritizes the collection of fourteen high-priority asset attributes, including MAC addresses, IP addresses, active communication protocols, asset criticality classifications, manufacturer and model information, operating systems, physical locations, ports and services, user accounts, and logging capabilities.

Organizations are encouraged to implement both criticality- and function-based classification methodologies to improve risk identification and vulnerability management processes.

CISA has developed conceptual taxonomies through collaborative working sessions with 14 organizations from the oil, gas, and electricity subsectors of the energy sector, as well as organizations from the water and wastewater sectors.

These taxonomies classify assets as high-criticality (requiring rigorous network segmentation and role-based access control), medium-criticality (requiring robust monitoring and regular updates), and low-criticality (requiring basic security measures).

The guidelines emphasize integration with CISA's Known Exploited Vulnerabilities (KEV) catalog and MITRE's Common Vulnerabilities and Exposures (CVE) list for continuous threat assessment.

Organizations are advised to compare their inventories against the MITRE ATT&CK Matrix for ICS and to implement real-time monitoring of process variables, including temperature, pressure, and flow indicators.
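
The checks described above can be run over an inventory export, as in the following added example, which is not taken from the CISA guide or from the original article. The record field names, the sample assets, the conduit list, the placeholder CVE id, the exact vendor/product matching and the conduit policy are all assumptions made for illustration.

```python
# Added example. Field names and all sample data are constructed for illustration.
REQUIRED = ("mac", "ip", "protocols", "criticality", "manufacturer", "model",
            "os", "location", "ports", "accounts", "logging")  # attributes the article lists
INSECURE = {"modbus", "dnp3"}  # OT protocols the article names as insecure

INVENTORY = [  # constructed assets (documentation IP/MAC ranges)
    {"name": "plc-01", "zone": "control", "mac": "00:00:5e:00:53:01",
     "ip": "192.0.2.10", "protocols": ["modbus"], "criticality": "high",
     "manufacturer": "ExampleCorp", "model": "PLC-X", "os": "fw 1.2",
     "location": "pump hall", "ports": [502], "accounts": ["admin"],
     "logging": False},
    {"name": "hmi-02", "zone": "supervisory", "mac": "00:00:5e:00:53:02",
     "ip": "192.0.2.20", "protocols": ["https"], "criticality": "medium",
     "manufacturer": "ExampleCorp", "model": "HMI-Y", "os": None,
     "location": "control room", "ports": [443], "accounts": []},
]
CONDUITS = [("control", "supervisory", "modbus"),   # constructed (zone, zone, protocol)
            ("supervisory", "enterprise", "https")]
# Constructed entry in the field layout of the CISA KEV JSON feed; the CVE id is a placeholder.
KEV = [{"cveID": "CVE-0000-00000", "vendorProject": "ExampleCorp", "product": "PLC-X"}]

def missing_attributes(asset):
    """Required attributes that are absent or empty (False is a valid value)."""
    return [f for f in REQUIRED if asset.get(f) in (None, "", [])]

def kev_matches(asset, kev):
    """KEV ids whose vendor and product equal the asset's manufacturer and model."""
    key = ((asset.get("manufacturer") or "").lower(), (asset.get("model") or "").lower())
    return [e["cveID"] for e in kev
            if (e["vendorProject"].lower(), e["product"].lower()) == key]

def review(inventory, conduits, kev):
    """Return (subject, finding, detail) tuples for gaps, KEV hits and risky conduits."""
    findings, high_zones = [], set()
    for a in inventory:
        findings += [(a["name"], "missing", f) for f in missing_attributes(a)]
        findings += [(a["name"], "kev", c) for c in kev_matches(a, kev)]
        if a.get("criticality") == "high":
            high_zones.add(a["zone"])
    for za, zb, proto in conduits:
        # Assumed policy: an insecure protocol on a conduit touching a high-criticality zone
        if proto in INSECURE and {za, zb} & high_zones:
            findings.append((f"{za}<->{zb}", "insecure-conduit", proto))
    return findings

if __name__ == "__main__":
    for row in review(INVENTORY, CONDUITS, KEV):
        print(*row, sep="\t")
```

Real inventories rarely carry vendor and product strings that equal the catalog's spelling, so a production version needs a normalization step before the comparison.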

Redazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.
