Cyber risk report
NSTAC to Submit IT/OT Impact Report to White House
The National Security Telecommunications Advisory Committee has agreed to send a new information technology impact report to the White House.
The report focuses on the security risks involved in the current state of IT and operational technology systems. Scott Charney, the vice chairman of NSTAC, said setting and complying with requirements is a major concern, especially considering that IT, OT and communications technologies have become more critical in people’s lives.
IT and OT systems are becoming more prevalent, connecting critical infrastructure and other systems with IT devices. The increase in connectivity also means the vectors for cyberattacks are also widening, Nextgov reported.
Jack Huffard, the chairman of the IT and OT subcommittee within NSTAC, said the report relied on stakeholders in the private and public sectors to determine the threat landscape within IT and OT interoperable systems. Based on the respondents’ feedback, the report found that many organizations in critical industries have insufficient visibility into their environments and supply chain networks.
Huffard, who spearheaded the report, said the convergence of IT and OT systems is an issue that has been happening for decades, leading to persistent cybersecurity challenges. He added that despite the availability of security technologies and expertise, resources have not been prioritized to implement solutions.
NSTAC offered 15 recommendations to help strengthen IT and OT networks, three of which were singled out by Huffard as critically important. The three critical recommendations involve the Cybersecurity and Infrastructure Security Agency requiring executive civilian branch agencies to inventory their internet of things devices, requiring risk-informed cybersecurity capabilities for IT and OT products, and working with the National Security Council and the Office of the National Cyber Director to develop information and data sharing mechanisms to protect critical infrastructure from ransomware.
Tags: cybersecurity Cybersecurity and Infrastructure Security Agency information technology Jack Huffard National Security Telecommunications Advisory Committee Nextgov operational technology Scott Charney