Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Cross-Functional Collaboration Is Key to Industrial Cybersecurity

As cyberthreat actors increasingly target critical infrastructure, both the federal government and private sector have key roles to play in securing essential services. Here are some of the latest joint efforts advancing this mission.

Every day, we turn on lights, run the water and charge our devices without thinking anything of it. But the reality is the vast infrastructure of operational technology (OT) that makes these things possible is increasingly exposed to serious cyberthreats. Bad actors and foreign state actors know how much we rely on our critical infrastructure and are happy to exploit that reliance.

Across the cyber industry, there’s a heightened focus on OT security, including here at Tenable, where we’re making important strides. But the private sector can’t do this alone – the federal government has an important role to play too, and it will take a collaborative, whole-of-government partnership with industry to effectively secure the nation’s OT.

Breaking down silos within the federal government

Put simply, OT cybersecurity is too important to be managed in silos. Cross-agency collaboration in the federal government and with industry can help improve vulnerability management by sharing actionable information between agencies, limiting duplicative efforts and improving results. Recently, the Departments of Homeland Security (DHS), Energy (DOE) and Defense (DOD) extended their joint effort to develop common cyberthreat indicators and defense capabilities to protect critical infrastructure in the energy sector, allowing them to share threat information, better patch vulnerabilities and more. This is good progress, as doing so will help all three agencies improve their cyber capabilities without duplicating efforts.

The role of the private sector

The federal government has an important role to play in OT security, and they’re headed in the right direction. But we can take this even further. The private sector brings forth an incredible amount of expertise, innovation and research that’s critical to solving this problem. Just like we can’t do it without our partners in government, they can’t secure the nation’s critical infrastructure without us.

Just this month, the National Institute for Standards and Technology’s (NIST) National Cybersecurity Center for Excellence (NCCoE) announced a project with ten private sector companies, including Tenable, to develop a practical solution, aligned with the NIST Cybersecurity Framework, to help manufacturers protect their industrial control systems (ICS) from cyberattacks. The result of the project – a freely available guide for companies and organizations to leverage – is exactly the type of public-private partnership we need to solve some of our greatest OT challenges.

There are also other programs already in place that should be expanded upon, like the ICT Supply Chain Risk Management Task Force, which brings together industry leaders to work with CISA on important supply chain issues. Further, the IT Sector Coordinating Council (IT-SCC) coordinates with the Department of Homeland Security and the federal government on critical infrastructure protection and cybersecurity issues. Linking the Task Force’s OT expertise and the IT-SCC’s cybersecurity recommendations and guidance with initiatives like the Control Systems Interagency Working Group (CSIWG) Executive Engagement Forum (EEF) would go a long way in promoting advanced OT security.

At Tenable, we’re proud to work with our government partners on important cybersecurity issues every day, and we look forward to helping improve cross-functional collaboration for OT security to help keep the nation’s critical infrastructure running.

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Request a demo of Tenable.ot

Get the Operational Technology Security You Need.
Reduce the Risk You Don’t.