(WO) — Frost & Sullivan and Applied Risk, a DNV company, have joined forces to publish a new white paper outlining practical steps for designing, implementing, and maintaining sustainable operational technology (OT) cybersecurity programs.

The white paper provides accessible advice for overcoming hurdles in designing, building and operating OT security programs. Frost & Sullivan’s team of analysts has partnered with industrial cyber security experts at Applied Risk to describe useful actions that should be taken at every stage of a program’s lifecycle. These include setting goals and responsibilities to determine vulnerabilities, selecting countermeasures and governance systems, implementing controls, and embedding assurance schemes.

The white paper also includes a checklist of ‘to-dos’ to help cyber security, engineering, and management teams avoid pitfalls along the way.

Securing Operational Technology

The control systems that manage, monitor, automate and control industrial operations are a growing challenge for companies with industrial operations. As OT becomes more connected and networked to IT environments, cybercriminals are increasingly gaining access to, and control of, industrial infrastructure.

OT- reliant sectors like energy appear within the top ten most-attacked industries. The risk of production shutdowns, safety incidents, process disturbance and other service disruptions is consequently growing.

A blueprint for building sustainable operational technology cybersecurity programs addresses common concerns facing OT security decision-makers as they invest in protecting their organizations against emergent risks. 40% of OT security decision-makers worry about the potential security risks of IT and OT system integration in their organization.

In addition, 37% say their organization lacks the expertise needed to develop and maintain a sustainable OT security program. 26% believe that their organization’s decision-making structure is so complex that it paralyzes the OT security planning process.

“OT security leaders are under greater pressure to demonstrate that their organizations can manage the risks emerging from an increasingly complex cyber threat landscape. But there is relatively little best practice available on how to build sustainable OT security programs. The white paper that we have published with Frost & Sullivan aims to provide OT security leaders in need with a framework for success,” said Jalal Bouhdada, Founder of Applied Risk and Global Cyber Security Segment Director at DNV.