The Australian government has contributed to a new international guide emphasizing secure-by-design principles for operational technology (OT) cybersecurity. The framework highlights critical considerations for protecting industrial control systems and critical infrastructure from evolving cyber threats. It addresses vulnerabilities in OT systems, often targeted due to weak authentication and insecure configurations.

The guide prioritizes configuration management, secure logging, and open standards to enhance interoperability and reduce vendor dependency. It also emphasizes data protection, secure communication capabilities, and strong authentication to safeguard critical infrastructure. Effective vulnerability management and streamlined upgrade and patching processes are also essential for securing OT systems. By following these guidelines, operators can build more resilient systems and better withstand cyber threats.