OT Systems Hardening


  • In the process of cybersecurity architecture implementation for OT Systems, it is very important to harden all systems and their components.​
  • The implementation of OT monitoring systems and SIEM class systems may be ineffective if the hardening of OT systems is not completed.​

OT Systems Hardening Implementation Steps​

Security Baslines Development​

  • Many well-known standards, such as NIST 800-82, IEC 62443 or NERC CIP, define hardening requirements at a very general level (e.g., disable unsecure services and protocols).​
  • In order for the approach to hardening throughout the organization to be consistent and standardized security beselines should be developed and documented based on the requirements included in the standards such IEC 62443 (e.g. on devices such as PLCs, HTTP, SNMP v1, FTP, TFTP etc. should be disabled)​

OT Systems hardening tracking​

  • It is very important that the process of individual cybersecurity mechanisms implementation will be properly documented and auditable.​
  • Before starting the hardening process, preparation activities related to the development and implementation of a tool that allows to document the hardening process should performed (it will be most effective to implement the hardening module in the asset management tool)​

OT Systems Hardening Process​

  • All OT systems and their components should be hardened in accordance with the security baselines ​
  • The implemented cybersecurity mechanisms should be documented, and any deviations from the security baseline should be analyzed and approved.​


Discover how the implemented sustainability solutions will help shorten time to improve your brand and product


REC welcomes you to our blog!

Reliability Expert Center (REC) is excited to introduce to you our new website and blog. Here you will find biweekly submissions of featured articles concerning Reliability, Sustainability, Lubrication, & Inspection from local and global experts that offer industry insight and best practice methods.