While working with industry, CERT Australia has collated a set of relatively inexpensive and simple-to-implement improvements that they have seen employed in operational technology (OT) environments.
Each organisation should perform a careful risk-assessment of all tips, to ensure compatibility with their own specific requirements and systems.
If you have any feedback regarding either an additional control systems tip, or discover a new issue with an existing tip, please contact the control systems team on info [at] cert.gov.au.
While addressing cyber security in a controlled environment, these tips are intended to be:
- relatively quick to implement
- inexpensive to implement
- a first-steps approach.
The tips do not represent:
- the most frequently occurring vulnerabilities
- actions which provide the highest level of protection
- a complete set of actions for security
- a replacement for a complete, long-term security plan.
Here's a brief description of each:
Tip 1: Disable maintenance connections except when required
Tip 2: Implement two-factor authentication
Tip 3: Disable USB ports whenever possible
Tip 4: Visibly mark the devices authorised to be in the control systems environment
Tip 5: Make regular backups and keep them isolated
Tip 6: Regularly review that firewall settings are in an expected state
Tip 7: Prevent direct egress from the control network to the internet
Tip 8: Prevent external DNS lookups
Tip 9: Enable logging
Information about the tips is further detailed in the following download: