Skip to main content

The ACSC is the Australian Government’s centre for technological expertise, advice, and support for Control Systems, Operational Technology, and Critical Infrastructure. Through analysis, assessment and stakeholder engagement, the ACSC develops, maintains and imparts knowledge of the risks and opportunities associated with the increasing alignment of Information Technology and Operational Technology (IT/OT Convergence); particularly (industrial) control systems.

Operational Technologies encapsulate the rapidly changing technological landscape that underpins, drives, and supports Australia’s Critical Infrastructure. Increased cyber connectivity, and greater participation in, and reliance on, global supply chains means Australia’s Operational Technology and Critical Infrastructure is more vulnerable than it has ever been.

Aligning Operational Technology, and Australian Critical Infrastructure, with Information Technology practices, principles, and technologies brings many benefits. However, it also introduces new types of risks that Australian Critical Infrastructure providers are not capable of managing without Government support. A cyberattack on an OT system can have consequences in the physical world which, if left unmitigated, can have a potentially major, deadly impact on society and the Australian way of life.

Implementing cyber-secure Operational Technologies and managing the associated risks presents many unique challenges, including:

  • Communications protocols engineered without security controls
  • The requirement that engineering systems be re-tested and certified after upgrades
  • Long life-cycles (20 – 50 years) of operational hardware
  • The introduction of new IT protocols into operational environments introduces new risks
  • The increased operational risk that comes with connection to adversarial networks.