A year ago, Dragos Inc. released the first cybersecurity resource designed to provide industrial asset owners and operators with free OT-specific cybersecurity resources. Dragos OT-CERT (Operational Technology – Cyber Emergence Readiness Team), was designed specifically to help teams within small and mid-sized organisations to help them build their OT cybersecurity programmes, improve their security postures, and reduce OT risk.
The product was launched at the 2022 RSA Conference and has grown to include over 900 members representing over 50 countries from the global ICS/OT community. OT-CERT was designed to address a critical gap in securing industrial infrastructure: the lack of OT-specific cybersecurity resources readily available to the industrial infrastructure community. The gap is especially critical among small and medium-sized businesses that often have limited in-house cybersecurity expertise and lack the financial and technical resources to address ICS/OT cybersecurity risks.
For small and medium sized businesses, the thought of OT security can be overwhelming. The platform allows users access to guides, templates, videos, and monthly interactive working group sessions, amongst other resources. OT-CERT content aligns to the SANS Institute 5 Critical Controls for ICS/OT Cybersecurity.
Additionally, OT-CERT coordinates with original equipment manufacturers (OEMs) regarding disclosures for vulnerabilities discovered by Dragos threat intelligence researchers, as well as cyber threats detected by the Dragos Platform targeted at the OEMs’ products.
Dawn Capelli, Dragos OT-CERT Director says: “With Dragos OT-CERT, we set out to build a community resource that helps make ICS/OT cybersecurity accessible and achievable for all—especially for small and medium-sized companies who can find themselves overwhelmed by the idea of providing effective cybersecurity for their industrial assets—and the engagement and feedback has exceeded expectations.”
Members have access to OT cybersecurity best practices, cybersecurity maturity assessments, training, workspaces, tabletop exercises, webinars, and more. OT-CERT also coordinates with original equipment manufacturers (OEMs) regarding disclosures for vulnerabilities discovered by Dragos threat intelligence researchers, as well as cyber threats detected by the Dragos Platform targeted at the OEMs’ products.
“Designing, manufacturing, and deploying telecommunications equipment and systems for critical communications sectors, in more than 60 countries, requires a constant effort in the renewal of knowledge and application of current and future technologies, as well as a deep understanding of the ecosystem,” said Oscar Blanco Torras, Cybersecurity Product Manager, Teltronic. “Cybersecurity plays a critical role, and Dragos OT-CERT provides tools and cross-cutting knowledge among the members of the group. Being a part of the OT-CERT community means we no longer feel like we are working on our OT cybersecurity program in an isolated silo.”
Brad Wynes, Supervisor-OT Cybersecurity, City Utilities of Springfield, who is a member of the group, testified to the initiative’s success: “As a community-owned utility, we are responsible for the critical services of more than 100,000 customers and households. Building an industrial cybersecurity program to protect the infrastructure this entire community relies on can be challenging at times,” said Brad Wynes, Supervisor-OT Cybersecurity, City Utilities of Springfield. “With Dragos OT-CERT, we have been able to learn from others and share our experiences in an open and inviting forum.
Dragos OT-CERT partners include the National Association of Manufacturers, Emerson, Rockwell Automation, seven Information Sharing and Analysis Centres: E-ISAC (electricity), OT-ISAC (operational technology), MFG-ISAC (manufacturing), ONG-ISAC (oil and natural gas), DNG-ISAC (downstream natural gas), WaterISAC (water), MM-ISAC (mining and metals), the Massachusetts Cybersecurity Program within the Massachusetts Commonwealth Fusion Centre, and Catalyst Connection, a member of the NIST Manufacturing Extension Partnership.
“Recent regulations and guidelines have helped to establish ‘what’ small and medium-sized organisations should do to secure their OT environments, but OT-CERT takes it a step farther by assisting with ‘how’ to do it,” said Cappelli. “We provide templates, how-to video demonstrations, and detailed implementation guides. We also hold OT-CERT working sessions every month exclusively for our members where we get to know each other, ask questions, get advice, and share our successes and challenges. We’re thrilled with the exponential growth, the strong community we’ve created, and the security outcomes we’re achieving.”
Earlier this year, Dragos released their annual Year in Review report, which identified two new threat groups targeting critical national infrastructure (CNI) and OT.