NIST 800-82

The NIST guide to operational technology security - a compendium of best practices for protecting ICS and OT environments.

What is NIST 800-82?

NIST SP 800-82 (Guide to Operational Technology Security) is a NIST special publication providing guidance on the security of operational technology systems, including industrial control systems (ICS), SCADA, DCS and PLCs. The current version (Revision 3, 2023) reflects the evolving OT threat landscape and contemporary best practices.

The document covers several key areas: an overview of OT systems and what makes securing them different (availability takes priority over confidentiality), risk management in OT environments, OT network security architecture (segmentation, zones, conduits), security controls tailored to OT (mapped to NIST SP 800-53), guidance on securing specific components (PLCs, HMIs, historians) and incident response in industrial environments.

NIST 800-82 is complementary to IEC 62443 - both standards address OT security but from different perspectives. NIST 800-82 is a practical guide with recommendations, while IEC 62443 is a standard with certification requirements.

Why does it matter?

NIST 800-82 is one of the most frequently referenced documents in OT security projects. It serves as a practical guide for organisations beginning to build an OT cybersecurity programme, providing context, priorities and specific recommendations. Its free availability and clear language make it an excellent starting point.
