Level 0 recognized by NIST as a best-practice for OT cybersecurity

The National Institute of Standards and Technology (NIST) released a guide for Operation Technology (OT) Security outlining the main risks associated with failure of OT systems as well as best practices for protection of such critical systems.

As NIST acknowledges, organizations’ most critical processes rely on OT, which makes them highly vulnerable to cyberattacks, with harsh consequences – from significant losses due to downtimes, through social unrest due to the lack of essential resources like electricity or water, all the way to severe threat to human lives.  This further demonstrates the alarming aftermath such attacks could bear, forcing organizations worldwide to act upon such threats and implement security methods to prevent these negative forecasts from becoming a reality.

In section 5.3.6 NIST discusses the importance of considering the Purdue Model’s lowest level, Level 0, as a layer that can serve “…to detect incorrect data.”. NIST further stresses that “Organizations should make a risk-based decision considering where within the OT system (e.g., the most critical process)…”.This section also states that digital twins, separate Field I/O monitoring network should be monitored to detect anomalous behavior in OT.

section 5.3.6 from NIST guide 

SIGA is at the forefront of cybersecurity for OT, capitalizing on the richest source of information, Level 0, to monitor electrical signals and detect attacks in real-time. SigaGuard, SIGA’s flagship solution is connected directly to the sensors and actuators to get access to the most inaccessible insights and ensure full visibility at all times. SigaGuard protects critical processes from the ground up, to light the darkest corners of the most intricate procedures and secure them.

Read the entire NIST 800-82r3 document here:

https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r3.ipd.pdf