Operational Technology Security – or OT Security


[Fortinet article](https://www.fortinet.com/solutions/industries/scada-industrial-control-systems/what-is-ot-security)
Mentions "Industrial Internet of Things (IIOT) Devices" and SCADA (see CISSP book)

Relationship to ISO 27k:
- most obvious to [ISO 27001 A 13 Communications security](../Standards/ISO27x/archive/ISO%2027001%202013/ISO%2027001%20A%2013%20Communications%20security.md) 
- also ISA/IEC 62443 series – wasn't that the thing at Ultimaker?
- Detailled Google Groups [post](https://groups.google.com/g/iso27001security/c/DhgybAN7pxk?pli=1) mentions:
	- [Generic SCADA Risk Management Framework](https://www.tisn.gov.au/Documents/SCADA-Generic-Risk-Management-Framework.pdf)
	- [ISO 27019 Information security controls for the energy utility industry]([https://www.iso.org/standard/68091.html](https://www.iso.org/standard/68091.html))
	- [Presentation]([https://isms.jp/csms/doc/JIP-CSMS120E-10.pdf](https://isms.jp/csms/doc/JIP-CSMS120E-10.pdf)) on the relation between 27001 (ISMS Implementation) and IEC 62443 (CSMS Implementation)

See also:
- [](../Standards/SANS/SANS_CIS_poster_Winter2016_CSCs.pdf)
- [](../Standards/other/CIS_Controls_V7_Poster.pdf)
- AuditScripts-CIS-Controls-Master-Mappings-v7.1c.xlsx (in the Attachments folder, linking in editor to this file type is not supported)