Friday, May 22, 2020

CISA, DOE, and UK’s NCSC Issue Guidance on Protecting Industrial Control Systems

Original release date: May 22, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DOE) have jointly released Recommended Cybersecurity Practices for Industrial Control Systems, an infographic providing recommended cybersecurity practices for industrial control systems (ICS). The two-page infographic summarizes common ICS risk considerations, short- and long-term cybersecurity event impacts, best practices to defend ICS processes, and highlights the UK’s National Cyber Security Centre (NCSC) product on Secure Design Principles and Operational Technology.

CISA and DOE encourage users to review Recommended Cybersecurity Practices for Industrial Control Systems. For more in-depth information, visit CISA’s ICS Recommended Practices webpage and DOE's Cybersecurity Capability Maturity Model (C2M2) Program webpage. For information on CISA Assessments, visit

This product is provided subject to this Notification and this Privacy & Use policy.

Posted at