OT Security Series: Keeping Your Industrial Systems Safe from USB Threats

Two-Pager Now Available! Reducing Cyber Risk of Portable Storage Media in OT Environments

The NIST National Cybersecurity Center of Excellence (NCCoE) has finalized a guide, NIST Special Publication (SP) 1334, Reducing the Cybersecurity Risks of Portable Storage Media in Operational Technology (OT) Environments, to help organizations protect their industrial control systems from cybersecurity threats when using removable media devices.

Portable storage media devices, like USB flash drives, are commonly used to transfer data between computers. However, using them in OT environments and industrial control systems, such as those used in power plants or manufacturing facilities, can pose a cybersecurity risk. If a USB device is infected with malware, it can spread to the industrial control system and cause problems, such as disrupting operations or compromising safety.

This NCCoE resource suggests implementing physical and technical controls to limit access to these devices and ensure they are used securely.

The Value of a Quick Read

We’re excited to offer this concise, two-page guide. It’s designed to be a quick and easy read, providing you with the essential information you need to protect your OT systems based off existing standards and best practices.

Want to see other OT two-pagers? If you have ideas for future guides or topics you’d like to see covered, you can email the team to let us know at manufacturing_nccoe@nist.gov.

View the Publication