US and UK Agencies Publish New Cybersecurity Guidance for Critical Infrastructure Environments
The National Institute of Standards and Technology (NIST) published a draft Transit Cybersecurity Framework Community Profile intended to improve cybersecurity practices in transportation systems that require continuous operations and connectivity. The voluntary draft, developed by NIST’s National Cybersecurity Center of Excellence (NCCoE), is open for public comment through February 23, 2026, and positions transportation as a critical-infrastructure area needing more tailored cybersecurity guidance.
Separately, CISA and the UK’s NCSC released joint guidance titled Secure Connectivity Principles for Operational Technology (OT) environments, aimed at helping asset owners balance business-driven connectivity (remote access, data integration, cloud connectivity) with security risk. The guidance outlines eight high-level principles (e.g., limiting exposure, centralizing and standardizing access, using secure protocols, hardening boundaries) intended to be broadly applicable across critical-infrastructure sectors. An additional Help Net Security interview with Fermilab’s CISO discusses general cybersecurity challenges in open scientific research environments, but it does not materially relate to the NIST transit framework draft or the CISA/NCSC OT connectivity guidance.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
3 events from the most recent confirmed update back to the earliest known activity.
NIST opens public comment period for transit cybersecurity draft
NIST invited public comment on the draft transit cybersecurity profile through February 23, 2026. The review process was intended to gather feedback from transit agencies, suppliers, vendors, and other stakeholders before finalizing the guidance.
NIST releases draft Transit Cybersecurity Framework Community Profile
In late January 2026, NIST's National Cybersecurity Center of Excellence published a draft "Transit Cybersecurity Framework Community Profile" to help transit agencies align with NIST CSF 2.0 while addressing sector-specific constraints. The voluntary draft focused on protecting safety- and continuity-critical transit functions amid growing digitization, legacy infrastructure, and rising cyber risk.
CISA and NCSC-UK publish OT secure connectivity principles
On January 14, 2026, CISA and the UK National Cyber Security Centre jointly released "Secure Connectivity Principles for Operational Technology (OT)" guidance for critical infrastructure operators. The document set out eight risk-based principles to help organizations expand OT connectivity, remote access, and cloud integration without weakening security.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
3 references tracked. Mallory keeps watching after this page renders.
NIST draft aims to address growing cyber risk in transportation sector | SC Media
scworld.com
Open sourceNIST releases a new draft cybersecurity framework for systems that never stop moving - Nextgov/FCW
nextgov.com
Open sourceCISA releases Secure Connectivity Principles Checklist for Operational Technology Networks Connectivity
cybersecuritynews.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Critical Infrastructure Cybersecurity Guidance and Architecture to Reduce Telecom and OT Attack Surfaces
A virtual briefing hosted by the Institute for Critical Infrastructure Technology (ICIT) argued that **telecom networks’ “crown jewels”**—including signaling pathways and subscriber identity/metadata—remain high-value targets, and that traditional perimeter defenses are insufficient against advanced adversaries. The session cited activity associated with China-linked threat actors **Salt Typhoon** and **Volt Typhoon** as illustrative of systemic telecom weaknesses, and promoted *privacy-first mobile-carrier* design choices (e.g., minimizing exposed identifiers and reducing the long-term value of compromised data) as concrete controls to reduce attack surface and limit blast radius. Separately, the U.K. **National Cyber Security Centre (NCSC)**, working with **CISA**, the **FBI**, and other international partners, released guidance titled **“Secure Connectivity Principles for Operational Technology”** aimed at reducing exposed and insecure connectivity in OT environments, including nuclear-sector contexts. The guidance outlines **eight foundational principles** intended to help organizations protect OT networks from highly capable and opportunistic actors, including **nation-state** threats, against a backdrop of accelerating IT/OT convergence and increasing rates of OT/ICS-impacting incidents reported across critical infrastructure.
Mar 21, 2026
Western Cyber Agencies Release Secure Connectivity Principles for Operational Technology
CISA, the UK **NCSC**, and multiple international partners released **Secure Connectivity Principles for Operational Technology (OT)** guidance aimed at reducing risk created by increased connectivity into industrial environments (e.g., industrial control systems, sensors, and other critical services). The guidance is positioned for operators of essential services facing business and regulatory pressure to enable remote monitoring and management, and it emphasizes that formerly *air-gapped* OT is now more exposed due to expanded remote access and IT/OT convergence. The guidance highlights that insecure or exposed OT connectivity is being targeted by a broad range of adversaries, including **ransomware groups**, **state-backed actors**, and **pro-Russia hacktivists** conducting opportunistic attacks against global critical infrastructure. Recommended defensive themes include **network segmentation**, **strong authentication**, continuous monitoring, and minimizing remote access paths to prevent disruptive incidents with potential real-world safety and service-delivery impacts; CISA also solicited stakeholder feedback via a product survey. Separate opinion pieces discussing AI in critical infrastructure and power redundancy risks in OT, and an industry roundup of Chinese cybersecurity companies, do not provide additional reporting on this specific guidance release.
Mar 21, 2026
Industry Pushes NIST to Add More Actionable Detail in SP 800-82 OT Security Rewrite
U.S. **operational technology (OT)** security specialists urged **NIST** to make its forthcoming update to *Special Publication 800-82* significantly more practical and granular, arguing that OT owners and operators need actionable guidance rather than high-level frameworks. The feedback was provided as NIST begins its **fourth revision** of SP 800-82 and solicits private-sector input, reflecting growing maturity and urgency in OT cybersecurity governance. Vendors and practitioners emphasized that OT environments require different approaches than conventional IT, particularly for **vulnerability management**, where standard IT practices may be ineffective or counterproductive in industrial settings. Commenters also called for more **sector-specific guidance** for emerging OT verticals such as **smart building management** and **distributed energy systems** (including **EV charging networks**), and broadly supported NIST’s proposal to move several SP 800-82 appendices online—covering OT security organizations, tools and threats, and catalogs of vulnerabilities and incidents—to keep reference material more current.
Mar 21, 2026