NIST Publishes Final Version of 800-82r3 OT Security Guide


NIST announced on Thursday that it has published the final version of its latest guide to operational technology (OT) security. 

NIST published the first draft of Special Publication (SP) 800-82r3 (Revision 3) in April 2021, with a second draft being released one year later. Now, Revision 3 of the OT security guide has been finalized.

The 316-page document provides guidance on improving the security of OT systems while addressing their unique safety, reliability and performance requirements. 

“SP 800-82r3 provides an overview of OT and typical system topologies, identifies typical threats to organizational mission and business functions supported by OT, describes typical vulnerabilities in OT, and provides recommended security safeguards and countermeasures to manage the associated risks,” NIST explained.

The guidance focuses on OT cybersecurity program development, risk management, cybersecurity architecture, and applying the NIST Cybersecurity Framework (CSF) to OT. 

The latest revision’s updates include expansion in scope from industrial control systems (ICS) to OT in general, as well as updates to OT threats, vulnerabilities, risk management, recommended practices, current security activities, and tools and capabilities. 

The document also aligns with other OT security guides and standards, and provides tailored security control baselines for low-, moderate- and high-impact OT systems.

Advertisement. Scroll to continue reading.

SP 800-82 Revision 3 is available for download in PDF format for free from NIST’s website. 

Related: NIST Releases ICS Cybersecurity Guidance for Manufacturers

Related: DHS Develops Baseline Cybersecurity Goals for Critical Infrastructure

Related: US Agencies Told to Assess IoT/OT Security Risks to Boost Critical Infrastructure Protection

Related: Security Team Huddle: Using the Full NIST Cybersecurity Framework for the Win



Source link