Introduction to Recommended Practices

This site provides a current information resource to help industry understand and prepare for ongoing and emerging control systems cyber security issues, vulnerabilities, and mitigation strategies.

The CSSP works with the control systems community to ensure that recommended practices that are made available have been vetted by subject-matter experts in industry before being made publicly available in support of this program.

Recommended practices are developed to help users reduce their exposure and susceptibility to cyber attacks. These recommendations are based on understanding

• cyber threats
• control systems vulnerabilities and attack paths
• Secure Architecture Design

Additional recommended practices and supporting documents that cover specific issues and associated mitigations can be found in

• Recommended Practices

Additional recommended practices and supporting documents that cover specific issues and associated mitigations will continue to be added.