Operational technology systems are increasingly connected. While connectivity delivers operational benefits, it can also increase cyber risk if not managed securely.
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), in collaboration with international partners and led by the UK’s National Cyber Security Centre, has released Secure connectivity principles for Operational Technology (OT).
The guidance responds to growing cyber threat to OT environments, including those that support critical infrastructure. Many OT systems were designed for safety and reliability, not cyber security. As connectivity expands through remote access, third-party support and data sharing, organisations need clear, practical guidance to manage risk of a cyber intrusion.
The guidance sets out 8 principles to help organisations design, secure and manage OT connectivity. These principles focus on how to:
- Reduce unnecessary exposure to networks
- Apply consistent and secure connectivity patterns
- Limit the impact of a cyber-compromise
- Monitor connectivity and detect threats early
- Plan for isolation if systems require disconnection
The principles support system owners, operators of essential services and suppliers involved in OT environments. They can apply them to new and existing systems and scale to suit organisational risk and maturity.
By applying this guidance, organisations can strengthen cyber resilience while maintaining safety, reliability and operational continuity.
Learn more by reading Secure connectivity principles for OT.