Skip to main content

The ACSC is the Australian Government’s centre for technological expertise, advice and support for operational technology. Through analysis, assessment and stakeholder engagement, the ACSC develops, maintains and imparts knowledge of the risks and opportunities associated with the increasing convergence of information technology and operational technology.

Operational technologies encapsulate the rapidly changing technological landscape that underpins, drives and supports critical infrastructure. Increased cyber-connectivity, and greater participation in, and reliance on, global supply chains means critical infrastructure is more vulnerable than it has ever been.

Aligning operational technology with information technology practices, principles and technologies brings many benefits, however, it also introduces new types of risks. A cyber attack on an operational technology system can have consequences in the physical world which, if left unmitigated, can have a potentially major or deadly impact on society and the Australian way of life.

Implementing operational technologies in a secure manner, and managing the associated risks, presents many unique challenges, including:

  • communications protocols engineered without security controls
  • the requirement that engineering systems be re-tested and certified after upgrades
  • life-cycles (20 – 50 years) of operational hardware
  • the introduction of new information technology protocols into operational technology environments
  • the increased risk that comes with connection to untrusted networks, such as the internet.