Standards to Secure Energy Infrastructure

Energy sector stakeholders rely upon a patchwork of standards to defend their industrial control systems (ICS) and operational technology (OT); there is no single security standard that applies to all stakeholders in all conditions. These stakeholders need guidance on which standards apply to specific activities around securing control systems during their design, procurement, construction, operation, maintenance, and disposal phases. By identifying where particular standards are more or less appropriate across different use cases, energy sector stakeholders can optimize their decision-making process, enhance their cybersecurity, and avoid costly mistakes.