FAQ On OT Security For Newbies and Students

Uploaded by

Godson Joseph

Frequently asked questions in OT security about the domain, resources, job market,
best practices, etc. I made this list of Q&A based on the queries that I used to get from my
peers and LinkedIn connections. I tried ChatGPT from OpenAI to list out the answers to these
queries. To my surprise, it gave almost the correct relevant answers. However, on the
training and certification part it did not give the right results. However, I feel it is a great
tool and potentially answers all of your questions with the relevant answers.

1) What is OT/ICS Security?

Ans: OT/ICS (Operational Technology/Industrial Control System) security refers to
the measures taken to protect critical infrastructure and industrial control systems
from cyber threats. These systems are used to control and monitor various
industrial processes, such as those in the energy, manufacturing, and transportation
sectors. They are often connected to the internet or other networks, which can
make them vulnerable to cyber-attacks. OT/ICS security involves protecting these
systems from external threats, as well as ensuring the integrity and reliability
of the systems themselves. This can involve measures such as network security,
asset management, incident response, and vulnerability management.

2) Why is OT/ICS security important?

Ans: OT/ICS security is important because industrial control systems play a critical
role in many sectors, including energy, manufacturing, and transportation. These
systems are used to control and monitor various industrial processes, such as
electricity generation, water treatment, and oil and gas production. If these systems
were to be compromised, it could have serious consequences for the smooth
operation of these processes, as well as for the safety of the people working in
these industries.

In addition, OT/ICS systems are often connected to the internet or other networks,
which can make them vulnerable to cyber-attacks. This means that an attacker could
potentially gain access to and manipulate these systems remotely, leading to
disruptions or even physical damage. Ensuring the security of OT/ICS systems
is therefore essential to protect against these types of threats.

3) What are the standards available for OT security?

Ans: There are several standards that provide guidance on the design and
implementation of secure industrial control systems:

ISA/IEC 62443: This standard, developed by the International Society of Automation
(ISA) and the International Electrotechnical Commission (IEC), provides guidance on
the design and implementation of secure industrial automation and control systems.
It covers a wide range of topics, including network security, system architecture, and
incident response.

NERC CIP: The North American Electric Reliability Corporation's (NERC) Critical
Infrastructure Protection (CIP) standards provide guidance on the protection of the
bulk electric system in the United States and Canada. The standards cover a wide
range of topics, including cybersecurity, physical security, and emergency
preparedness.

IEC 61511: This standard, developed by the International Electrotechnical
Commission (IEC), provides guidance on the design and implementation of safety
instrumented systems (SIS) for the process industries. It covers topics such as
system architecture, design criteria, and testing and maintenance requirements.

NIST SP 800-82: This publication, produced by the National Institute of Standards
and Technology (NIST), provides guidance on the design and implementation of
secure industrial control systems. It covers a wide range of topics, including network
architecture, security protocols, and incident response.

Adherence to these standards is often required by regulatory authorities and can
help organizations to ensure the security and reliability of their industrial control
systems.

4) What are the Best practices for OT security?


Ans: Here are a few best practices for OT/ICS security:

· Implement network segmentation: Network segmentation can help to limit the
impact of a security incident by separating different parts of the network and limiting
the flow of traffic between them.
· Use secure communication protocols: Communication protocols that provide
encryption and authentication can help to protect against unauthorized access to,
and tampering with, industrial control system communications.
· Apply security patches and updates: Keeping industrial control system software and
firmware up to date with the latest patches and updates can help to prevent known
vulnerabilities from being exploited.
· Implement access controls: Access controls, such as user authentication and
role-based access, can help to prevent unauthorized access to industrial control
systems and data.
· Monitor industrial control system activity: Continuous monitoring of industrial control
system activity can help to identify potential security threats and allow for timely
response.
· Conduct regular security assessments: Regular security assessments can help to
identify vulnerabilities and weaknesses in industrial control systems and allow for
corrective action to be taken.
· Develop and test contingency plans: Contingency plans can help to ensure the
availability of industrial control systems in the event of a security incident or other
disruption. It is important to regularly test and update these plans to ensure their
effectiveness.
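
The segmentation and monitoring practices above can be combined into one check: compare observed traffic against the short list of flows that are allowed to cross segment boundaries. The following Python code is an added example, not part of the original document; the segment names, address ranges, allowed-flow policy and flow records are all constructed assumptions.

```python
import ipaddress

# Hypothetical network segments (constructed for this example).
SEGMENTS = {
    "enterprise": ipaddress.ip_network("10.10.0.0/16"),
    "dmz": ipaddress.ip_network("10.20.0.0/24"),
    "supervisory": ipaddress.ip_network("10.30.1.0/24"),
    "control": ipaddress.ip_network("10.30.2.0/24"),
}

# Assumed policy: the only permitted cross-segment flows, as
# (source segment, destination segment, destination TCP port).
# 443 = HTTPS, 4840 = OPC UA, 502 = Modbus/TCP. Anything else is denied.
ALLOWED = {
    ("enterprise", "dmz", 443),
    ("dmz", "supervisory", 4840),
    ("supervisory", "control", 502),
}

# Constructed flow records: (source IP, destination IP, destination port).
SAMPLE_FLOWS = [
    ("10.10.5.23", "10.20.0.10", 443),
    ("10.20.0.10", "10.30.1.5", 4840),
    ("10.30.1.5", "10.30.2.11", 502),
    ("10.30.2.11", "10.30.2.12", 502),
    ("10.10.5.23", "10.30.2.11", 502),
    ("10.30.2.11", "10.10.5.23", 445),
    ("192.0.2.50", "10.30.1.5", 3389),
]


def segment_of(ip):
    """Return the name of the segment containing ip, or 'unknown'."""
    addr = ipaddress.ip_address(ip)
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return "unknown"


def check_flow(src, dst, port):
    """Classify one flow as 'intra-segment', 'allowed' or 'violation'."""
    s, d = segment_of(src), segment_of(dst)
    if s == d and s != "unknown":
        return "intra-segment"
    if (s, d, port) in ALLOWED:
        return "allowed"
    return "violation"


def find_violations(flows):
    """Return (src segment, dst segment, src, dst, port) for each denied flow."""
    return [
        (segment_of(src), segment_of(dst), src, dst, port)
        for src, dst, port in flows
        if check_flow(src, dst, port) == "violation"
    ]


if __name__ == "__main__":
    for v in find_violations(SAMPLE_FLOWS):
        print("cross-segment violation: %s -> %s (%s -> %s, tcp/%d)" % v)
```

With the constructed data, three flows are reported: enterprise directly to control, control back to enterprise, and a source address that belongs to no known segment.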

5) What is the future of OT security?

Ans: The future of OT/ICS security is likely to be shaped by a number of factors,
including the increasing connectivity of industrial control systems, the development of
new technologies, and the evolving threat landscape. Some possible developments in
the field of OT/ICS security in the future include:

· Increased adoption of cybersecurity standards: As the importance of OT/ICS
security becomes more widely recognized, it is likely that there will be increased
adoption of cybersecurity standards, such as ISA/IEC 62443, to help ensure the
security and reliability of industrial control systems.
· Development of new technologies: As industrial control systems become more
complex and connected, new technologies are likely to be developed to help
secure these systems. This may include the use of artificial intelligence and
machine learning to detect and respond to security threats, as well as the
development of new communication protocols and hardware designs.
· Increased awareness of the risks associated with OT/ICS security: As the number
and sophistication of cyber-attacks targeting industrial control systems
increases, it is likely that there will be increased awareness of the risks
associated with these systems and the importance of protecting them.
· Greater collaboration between OT/ICS security professionals and other
cybersecurity experts: As the OT/ICS security field continues to evolve, it is likely
that there will be increased collaboration between OT/ICS security professionals
and other cybersecurity experts, such as those working in the IT security field.

6) How is the job market for OT/ICS Security?


Ans: The job market for OT/ICS security professionals is expected to continue growing
in the coming years. As more and more critical infrastructure and industrial control
systems become connected to the internet and other networks, the need for OT/ICS
security experts will increase. This is because these systems are vulnerable to cyber-
attacks, and ensuring their security is critical to the smooth operation of many
industries.

There is currently a shortage of qualified OT/ICS security professionals, and this is
expected to continue as the demand for these skills grows. According to a report by
Cybersecurity Ventures, there will be 3.5 million unfilled cybersecurity jobs globally by
2025. This includes jobs in the field of OT/ICS security, as well as other areas of
cybersecurity.

To be successful in the OT/ICS security field, it is important to have a strong
understanding of industrial control systems and the processes they are used to control,
as well as a good knowledge of cybersecurity principles and technologies. Training and
certifications, such as the ISA/IEC 62443 certification, GICSP and CISSP, can also be
helpful in demonstrating your expertise and advancing your career.

7) I am an instrumentation engineer; how will I make a career in OT security?

Ans: As an instrumentation engineer, you likely already have a strong foundation in
industrial control systems and the processes they are used to control. This is a good
starting point for a career in OT/ICS security, as it will give you a deep understanding
of the systems and processes you will be working to protect.

To gain more specialized knowledge in OT/ICS security, you may want to consider
pursuing additional education or training in this field. There are many resources
available to help you learn about OT/ICS security, including online courses, workshops,
and certifications.

You may also want to consider joining a professional organization, such as the
Industrial Control Systems Joint Working Group (ICSJWG), the International Society of
Automation (ISA), or the SANS Institute, which are focused on promoting the
understanding and implementation of best practices in OT/ICS security. Networking
with other professionals in the field can also be a valuable way to learn about new
developments in OT/ICS security and to find job opportunities.

8) What are the skillsets required for OT/ICS Security jobs?

Ans: The skillsets required for OT/ICS security jobs will vary depending on the specific
role and the employer. However, there are some general skills that are typically
important for professionals working in this field:

· Knowledge of industrial control systems and the processes they are used to
control: Understanding how these systems work and the potential
consequences of disruptions or malfunctions is essential for effective OT/ICS
security.
· Cybersecurity expertise: OT/ICS security professionals should have a strong
understanding of cybersecurity principles and technologies, including network
security, asset management, incident response, and vulnerability
management.
· Technical skills: Depending on the specific role, OT/ICS security professionals
may need to have advanced technical skills, such as programming or systems
engineering.
· Communication skills: The ability to clearly communicate technical
information to non-technical stakeholders is important in this field, as OT/ICS
security professionals often need to work with a variety of people, including
engineers, executives, and regulatory authorities.
· Problem-solving skills: OT/ICS security professionals should be able to identify
and troubleshoot issues with industrial control systems and develop solutions
to address them.
· Attention to detail: Ensuring the security and reliability of industrial control
systems requires a high level of attention to detail and the ability to identify
and address potential issues.

In addition to these general skills, OT/ICS security professionals may need to have
specific expertise in areas such as process control systems, supervisory control and
data acquisition (SCADA) systems, or other specialized technologies.

9) What are the job roles available in the OT/ICS security field?

Ans: There are a variety of job roles available in the field of OT/ICS security, depending
on an individual's education, experience, and skillset. Some examples of job roles in
this field include:

OT/ICS Security Analyst: These professionals are responsible for monitoring and
analyzing industrial control systems for potential security threats, and implementing
measures to prevent or mitigate these threats.

OT/ICS Security Engineer: These professionals design and implement security solutions
for industrial control systems, including network security, asset management, and
incident response systems.

OT/ICS Security Consultant: These professionals provide expert advice and guidance
to organizations on how to improve the security of their industrial control systems.
They may also be responsible for conducting risk assessments and developing security
plans.

OT/ICS Security Manager: These professionals are responsible for overseeing the
security of industrial control systems within an organization, including managing
security personnel and developing and implementing security policies and procedures.

OT/ICS Security Researcher: These professionals conduct research on industrial control
system security, including developing new technologies and techniques to improve
security.

OT/ICS Security Trainer: These professionals develop and deliver training programs on
industrial control system security to employees within an organization.

OT/ICS Security Sales Engineer: These professionals work with sales teams to identify
potential customers for industrial control system security products and services, and
provide technical support during the sales process.

The specific job duties and responsibilities of these roles may vary depending on the
employer and the specific industry.

10) Should I know any programming language if I want to work in the OT security domain?

Ans: Knowing a programming language can be helpful for professionals working in
the field of OT/ICS security, but it is not necessarily a requirement for all job roles.
Some positions, such as OT/ICS security engineers or researchers, may require
advanced programming skills, as they may be responsible for developing or testing
security solutions that involve programming. In these cases, knowledge of languages
such as C, C++, or Python may be beneficial.

However, there are also many job roles in OT/ICS security that do not require
advanced programming skills. For example, OT/ICS security analysts, consultants, and
managers may not need to have programming expertise, but instead may focus on
other areas such as risk assessment, policy development, or incident response.

Ultimately, the specific programming skills required for an OT/ICS security job will
depend on the employer and the specific responsibilities of the role. It can be helpful
to review the job requirements for the positions you are interested in to get a better
understanding of the specific skills that are necessary.

11) I am currently working in the IT security domain. Do you think I can break into OT
security without any knowledge of automation or manufacturing?

Ans: It is possible to break into the field of OT/ICS security without a background in
automation or manufacturing, but having some understanding of these areas can be
helpful. Industrial control systems are used to control and monitor various industrial
processes, such as those in the energy, manufacturing, and transportation sectors.
Having a basic understanding of these processes and the systems that are used to
control them can be beneficial when working in OT/ICS security, as it will help you to
better understand the implications of disruptions or malfunctions.

That being said, there are many job roles in OT/ICS security that do not require a
deep understanding of industrial processes or systems. For example, positions in
areas such as risk assessment, policy development, or incident response may not
require detailed knowledge of automation or manufacturing, but instead focus on
general cybersecurity principles and techniques.

To break into the field of OT/ICS security, it is important to have a strong foundation
in cybersecurity principles and technologies, as well as a willingness to learn about
industrial control systems and the specific challenges they face. Pursuing education
or training in OT/ICS security, such as through a certification program, can also be
helpful in demonstrating your expertise and advancing your career.

12) Currently I'm pursuing my master's in cyber security. I am interested in ICS security
and want to do some projects related to ICS security. Can you please guide me?

Ans: If you are interested in doing a project related to ICS security as part of your
master's degree in cybersecurity, there are several steps you can take to get started:

· Identify a specific area of focus: There are many different aspects of ICS
security, so it can be helpful to identify a specific area that you are interested
in exploring. For example, you may want to focus on a particular industry,
such as energy or manufacturing, or on a specific type of industrial control
system, such as SCADA or process control systems.
· Research relevant topics and technologies: Once you have identified your area
of focus, you can start to research relevant topics and technologies that you
may want to include in your project. This may involve reading articles, papers,
and standards related to ICS security, as well as exploring online resources
and networking with professionals in the field.
· Develop a project plan: Once you have a good understanding of the specific
topics you want to explore, you can begin to develop a project plan. This
should include a clear statement of your research question or objective, as
well as a description of the methods you will use to address it.
· Identify resources and seek guidance: Depending on the scope of your
project, you may need to access certain resources or seek guidance from
experts in the field. For example, you may need to use specialized equipment
or software, or you may want to consult with professionals who have expertise
in the specific area you are studying.
· Execute your project and document your results: Once you have your project
plan in place, you can begin to execute your project and document your
results. This may involve collecting and analyzing data, conducting
experiments or simulations, or developing prototypes or proof-of-concepts.

It can be helpful to work with a mentor or supervisor as you develop and execute
your project, as they can provide guidance and feedback to help you stay on track
and ensure the success of your project.

13) A few ideas on ICS security projects:

Ans: Here are a few ideas for ICS security projects:

Developing a secure network architecture for an industrial control system: This project
could involve designing a secure network architecture for an industrial control system,
taking into consideration factors such as system components, communication
protocols, and potential threats.

Conducting a risk assessment of an industrial control system: This project could involve
evaluating the potential risks to an industrial control system, such as cyber threats,
physical threats, or operational failures. The project could include recommendations
for mitigating these risks.

Developing a security incident response plan for an industrial control system: This
project could involve designing a plan for responding to security incidents that may
affect an industrial control system. The plan could include steps for identifying,
containing, and mitigating the impact of incidents, as well as procedures for
communication and reporting.

Evaluating the security of a specific industrial control system component: This project
could involve analyzing the security of a specific component of an industrial control
system, such as a programmable logic controller or a human-machine interface. The
project could include recommendations for improving the security of the component.

Developing a security training program for industrial control system employees: This
project could involve designing a training program to educate employees who work
with industrial control systems on best practices for maintaining the security of these
systems. The program could include topics such as identifying potential threats,

14) Sample Job description for OT security.

Ans: Here is a sample job description for an OT/ICS security role:


Title: OT/ICS Security Engineer
Location: [City, State]
Overview: We are seeking an experienced OT/ICS Security Engineer to join our team.
In this role, you will be responsible for designing, implementing, and maintaining the
security of our industrial control systems. You will work closely with other members
of the security team and with engineering and operations staff to ensure that our
systems are secure and compliant with relevant standards and regulations.
Responsibilities:
· Design and implement security controls for industrial control systems, including
network segmentation, access controls, and secure communication protocols
· Conduct risk assessments and identify vulnerabilities in industrial control
systems
· Develop and maintain security policies, procedures, and standards for industrial
control systems
· Monitor industrial control system activity and respond to security incidents as
needed
· Conduct regular security assessments and audits to ensure compliance with
relevant standards and regulations
· Collaborate with engineering and operations staff to identify and implement
security improvements
Requirements:
· Bachelor's degree in Computer Science, Cybersecurity, or a related field
· 3+ years of experience in OT/ICS security or a related field
· Knowledge of industrial control systems and their architecture and protocols
· Experience with risk assessment, incident response, and security best practices
· Certification in OT/ICS security (such as GICSP, CEH) is a plus
· Strong communication and collaboration skills
