Slovak national Computer Emergency Response Team.
  • Contacts
  • Text version
  • Graphic version
  • Slovenčina
www.nbu.gov.sk   www.slovensko.sk
  • About Us
  • Services
  • Statistics
  • Publications
  • Tips and Tricks
  • Legislation
  • Tips and Tricks
  • Responsible Vulnerability Disclosure Guideline
  • Security of Operational Technology Systems
    • Technological and Functional Difference between IT and OT
    • Myths and Superstitions
    • Concepts and Standards for Cybersecurity of OT Systems
    • Recommendations for Energy Sector
    • Frequently Asked Questions
  • When to Contact Us
  • Report an Incident
  • Security Recommendations
    • Online Safety Basics
      • What to Do if You Are a Victim
      • Spam
      • Phishing
      • Malicious E-mail
      • Spam and Phishing on Social Networks
      • Tips for Avoiding Being a Victim
    • Securing Accounts and Devices
      • Passwords and Securing Your Accounts
      • Hacked Accounts
      • Social Media Platforms
      • Securing Your Home Network
    • Data Backup
      • Cloud
    • Privacy Protection
      • Tips to Manage Your Privacy
    • Online Shopping
      • Shopping on the Go
      • Online Shopping Tips
      • Basic Safety and Security Tips
    • Mobile Devices
    • Malware and Botnets
      • Botnets
      • Ransomware
      • Spyware
      • Virus
      • Protection against Malware
    • Identity Theft, Fraud and Cybercrime
      • Identity Theft and Fraud
      • Cyberbullying and Harassment
  • Business Organizations
    • Asset Identification
    • Asset Protection
    • Incident Detection
    • Incident Response
    • Recovery
  • Teens
    • Tips for Teens
    • Tips for Parents
    • Parental Controls
  • Seniors
    • Tips for Seniors

Security of Operational Technology Systems

The aim of this section is to provide basic information on cybersecurity for all operators of industrial devices. Information on cybersecurity of industrial systems is also essential for designers, suppliers and manufacturers of devices.

This section is intended for top managers of IT, energy, strategy, planning, investment, procurement as well as for operation and maintenance managers and technical staff.

Today, we are witnessing a new era when the term cybersecurity is also transferred to industrial systems that use a processor technology too. These systems are referred to in professional practice as OT systems (Operational technology).

  • More information in Technological and Functional Difference between IT and OT

Cyberattacks on OT systems are related to the existence of specialized malicious codes – malware. As an evidence there were several cybersecurity incidents caused by malware such as STUXNET, INDUSTROYER, WANNACRY or LOCKERGOGA, resulting in extensive damage to industrial and power devices.

Such malware brings new serious vulnerabilities and threats that debunk deep-rooted myths about cybersecurity of OT systems.

  • More information in Myths and Superstitions

Addressing cybersecurity of OT systems requires a conceptual and systematic approach (there is no  “catalogue” solution) and is based on internationally recognized standards and directives.

Different institutions around the world are looking for effective cybersecurity solutions for industrial OT systems. Individual concepts of solutions have their historical evolution, differ according to place and time of their origin and approach cybersecurity from different points of view.

  • More information in Concepts and Standards for Cybersecurity of OT Systems

Industrial control systems are in terms of deployment areas and so-called impact criteria (i.e. depending on the extent and severity of possible damages and consequences caused by cyber incidents) divided into systems for non-critical infrastructure (manufacturing systems, building automation, etc.) and systems for critical infrastructure (energy, water, gas, transport, chemistry, metallurgy, etc.).

An internationally accepted and tested in practice directive on addressing cybersecurity of control systems of critical infrastructure devices is the BDEW White Paper (2nd updated edition, 7 May 2018).

  • More information in Recommendations for Energy Sector

For more information, please contact the National Cyber Security Centre SK-CERT.

  • More information in FAQ
First publication 04. 6. 2020. Last update 04. 6. 2020 15:13
Current threats
Current threats

SK-CERT Bezpečnostné varovanie V20230321-05

Dôležitosť Kritická Klasifikácia Neutajované/TLP WHITE CVSS Skóre 9.8 Identifikátor D-Link DIR820L – kritická ...21. March 2023

SK-CERT Bezpečnostné varovanie V20230321-04

Dôležitosť Kritická Klasifikácia Neutajované/TLP WHITE CVSS Skóre 9.8 Identifikátor Honeywell OneWireless Wireless Device ...21. March 2023

SK-CERT Bezpečnostné varovanie V20230321-03

Dôležitosť Kritická Klasifikácia Neutajované/TLP WHITE CVSS Skóre 9.8 Identifikátor Simple Image Gallery – ...21. March 2023
all publications
CVEs
Tweets by sk_cert
Links
Links
  • ENISA
  • CERT
  • Trusted Introducer
  • FIRST
Copyright © 2023 All rights reserved - Last update 21. 03. 2023 09:00
  • Sitemap
  • Declaration of accessibility
  • Technical support
  • Content
  • Report an Incident
  • Contacts
  • RSS