Following up on President Biden’s July 28, 2021, National Security Memorandum on “Improving Cybersecurity for Critical Infrastructure Control Systems, the Department of Homeland Security (DHS) coordinated with NIST in developing preliminary cybersecurity performance goals that will drive adoption of effective practices and controls.
CISA and NIST identified nine categories of recommended cybersecurity practices and used these categories as the foundation for preliminary control system cybersecurity performance goals. Each of the nine goals includes specific objectives that support the deployment and operation of secure control systems that are further organized into baseline and enhanced objectives. These goals represent high-level cybersecurity best practices. They are:
Risk Management and Cybersecurity Governance
Architecture and Design
Configuration and Change Management
System and Data Integrity, Availability, and Confidentiality
Continuous Monitoring and Vulnerability Management
Training and Awareness
Incident Response and Recovery
Supply Chain Risk Management
The preliminary performance goals and objectives are available on CISA.gov.
NIST conducts research and provides resources to improve the cybersecurity of Operational Technology. Among activities that will con ..
Support the originator by clicking the read the rest link below.