Guidance includes recommendations on technology deployments as well as on standards.
Google Cloud's Office of the CISO, in collaboration with Mandiant, has released a report offering practical guidance to secure hybrid and cloud-connected operational technology networks in manufacturing and energy sectors, Industrial Cyber reports.
According to Industrial Cyber, the report emphasises the growing integration of IT and OT systems, noting that vulnerabilities, including weak identity and access management, insecure internet exposure, and insufficient segmentation, make these industries prime targets for ransomware, hacktivists, and state-sponsored attackers.
Google Cloud recommends deploying dedicated OT network services, granular firewalls, role-based access control, encrypted unidirectional connections, and maintaining updated OT asset inventories.
The guidance follows standards such as IEC 62443, NIST 800-82, and zero-trust principles, providing tactical steps to implement defense-in-depth architectures, secure supervisory control and data acquisition systems, and operationalise cloud-based solutions without compromising performance.
"The rapidly evolving manufacturing threat landscape necessitates a holistic approach addressing IT, OT, engineering, and supply chain security," the report states. Organisations are urged to combine on-premises OT security with secure cloud adoption to ensure resilient, compliant, and safe industrial operations.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
