The National Cybersecurity Center of Excellence (NCCoE) at the U.S. National Institute of Standards and Technology (NIST) is implementing a project to enhance the energy sector’s asset management capabilities for operational technology. This project will include the development of a reference design and use commercially available technologies to develop an example solution that will help energy organizations address the security challenges of operational technology asset management. See project description here.

Vulnerabilities in operational technology assets present opportunities for malicious actors to cause disruptions and power outages. To properly assess cybersecurity risk within the operational technology network, energy companies must be able to identify all their assets, especially the most critical.

This project will describe methods for managing, monitoring, and baselining assets and will also include information to help identify threats to operational technology assets. It will result in a publicly available NIST Cybersecurity Practice Guide, a detailed implementation guide of the practical steps required to implement a cybersecurity reference design that addresses this challenge.

For more information, or to request a letter of interest template, click here.