New cyber security alliance will develop comprehensive cyber security guidelines for operational technology infrastructure
October 23, 2019 – Forescout Technologies, Inc. (NASDAQ: FSCT), the leader in device visibility and control, has announced that it has joined a new alliance to provide a technical and organisational framework for safe and secure operational technology (OT). The Operational Technology Cyber Security Alliance (OTCSA) aims to bridge dangerous gaps in security for OT and critical infrastructures and industrial control systems (ICS) to support and improve the daily lives of citizens and workers in an evolving world. Industry leaders ABB, Check Point Software, Cylance, Fortinet, Microsoft, Mocana, NCC Group, Qualys, SCADAFence, Splunk and Wärtsilä have partnered with Forescout to establish the OTCSA.
The OTCSA mission is five-fold:
· strengthen cyber-physical risk posture of OT environments and interfaces for OT/IT interconnectivity
· guide OT operators on how to protect their OT infrastructure based on a risk management process and reference architectures/designs, which are demonstrably compliant with regulations and international standards such as IEC 62443
· guide OT suppliers on secure OT system architectures, relevant interfaces and security functionalities
· support the procurement, development, installation, operation, maintenance, and implementation of a safer, more secure critical infrastructure
· accelerate the time to adoption of safer, more secure critical infrastructures.
With 60 per cent of organisations using ICS indicating that they experienced a breach in their systems in the past year, and 97 per cent acknowledging security challenges because of the convergence of IT and OT(1), the need for the OTCSA is critical. Cyber-attacks on OT and critical infrastructures are on the rise and they are impacting business risk across all industries – from disrupting manufacturing systems to halting safety services. Threats to OT can have potential impacts in scope and scale greater than in information-only environments, including negative financial impact, ecological damage and loss of life.
“Critical infrastructures and industrial control systems are essential to organisation revenue and profits and the global economy,” said Damiano Bolzoni, vice president of industrial and OT business, Forescout. “As the market leader in device visibility and control, Forescout is committed to collaborating with the industry to establish architectural, implementation and process guidelines that further strengthens the cyber security risk posture and resiliency of operational technology.”
Until now, there has been no industry group focused on improving cyber risk posture by providing tangible architectural, implementation, and process guidelines to OT operators and solution providers so that they can navigate necessary changes, upgrades and integrations to evolving industry standards and regulations. These robust security guidelines will cover the entire lifecycle – procurement, development, deployment, installation, operation, maintenance and decommission – and address aspects related to people, process, and technology.
OTCSA promotes collaboration amongst IT and OT operators and leading companies in the industry. Membership is open to any company that operates critical infrastructure or general OT systems to run its business (OT operators) as well as companies providing IT and OT solutions (solution providers).
To learn more about the OTCSA or becoming a member, visit: www.otcsalliance.org.
Operational Technology Cyber Security Alliance (OTCSA) is a group of global industry-leading organisations focused on providing operational technology (OT) operators with resources and guidance to mitigate their cyber risk in an evolving world. Founded in 2019, OTCSA is the first group of its kind to architect a technical and organisational framework – the who, what and how – for safe and secure OT. Membership is open to all OT operators and solution providers. Current members include ABB, Check Point Software, Cylance, Forescout, Fortinet, Microsoft, Mocana, NCC Group, Qualys, SCADAFence, Splunk and Wärtsilä.
Forescout Technologies, Inc. provides security at first sight. Our company delivers device visibility and control to enable enterprises and government agencies to gain complete situational awareness of their environment and orchestrate action. Learn more at www.forescout.com.
© 2019 Forescout Technologies, Inc. All rights reserved. Forescout Technologies, Inc. is a Delaware corporation. A list of our trademarks and patents can be found at https://www.forescout.com/company/legal/intellectual-property-patents-trademarks. Other brands, products, or service names may be trademarks or service marks of their respective owners.
1) Forrester consulting study commissioned and published by Fortinet, May 2018