The cybersecurity requirements of the new regulation set by the European Commission affect standardization in the operational technology environment. The European Commission requires that every EU state form and set a cybersecurity strategy that must be the guideline on how to enhance cybersecurity at a political, strategic, operational, and tactical level. The chapter proposes the main requirements in the cybersecurity governance of industrial organizations that use operational technology in their daily business. The use cases in the built testbed environment provide an output that generates a new database for research. We have seen that Information and Operational Technology are based on different threats and risk bases. Operational Technology-related threats threaten the cyber-physical ecosystem, where anomalies affect the physical world, so operational functions of equipment, devices, sensors, components, and production lines are interrupted. Securing continuity and supply chain management are crucial in operational technology environments regarding business continuity. The study’s primary purpose is to describe the cybersecurity governance elements of the OT environment for enhancing situational awareness. Standardizing the cybersecurity level among industrial stakeholders requires EU member states to have a national cybersecurity strategy that follows the main EU-level guidelines. Enterprises must take steps to protect critical infrastructure in the EU area.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Developing the Cybersecurity Governance Model to Protect Operational Technology Environments

  • Jussi Simola,
  • Arttu Takala,
  • Riku Lehkonen,
  • Anton Kelo

摘要

The cybersecurity requirements of the new regulation set by the European Commission affect standardization in the operational technology environment. The European Commission requires that every EU state form and set a cybersecurity strategy that must be the guideline on how to enhance cybersecurity at a political, strategic, operational, and tactical level. The chapter proposes the main requirements in the cybersecurity governance of industrial organizations that use operational technology in their daily business. The use cases in the built testbed environment provide an output that generates a new database for research. We have seen that Information and Operational Technology are based on different threats and risk bases. Operational Technology-related threats threaten the cyber-physical ecosystem, where anomalies affect the physical world, so operational functions of equipment, devices, sensors, components, and production lines are interrupted. Securing continuity and supply chain management are crucial in operational technology environments regarding business continuity. The study’s primary purpose is to describe the cybersecurity governance elements of the OT environment for enhancing situational awareness. Standardizing the cybersecurity level among industrial stakeholders requires EU member states to have a national cybersecurity strategy that follows the main EU-level guidelines. Enterprises must take steps to protect critical infrastructure in the EU area.