State of research: Relevance of Computer Emergency Response Teams in Operational Technology




Computer Emergency Response Team, CERT, CSIRT, OT, Information Security, Energy, CRITIS


The increasing integration of Information Technology (IT) and Operational Technology (OT) in industrial environments has led to increased vulnerability to cyber threats. This article examines the need for a dedicated Computer Emergency Response Team (CERT) for OT to ensure the security, integrity, and resilience of critical infrastructure, particularly in the energy sector. OT is subject to specific challenges that differ from those in traditional IT networks. Cyberattacks on OT systems can not only cause financial losses but also have a significant impact on physical security and the environment. A specific CERT for OT is necessary to address the unique characteristics of these environments. This requires expertise in industrial protocols, control systems, and SCADA systems. The CERT for OT should be able to respond quickly to security incidents, perform forensic analysis, and implement effective countermeasures to ensure business continuity. Research shows that implementing a specialized CERT for OT leads to improved threat detection, faster response, and more effective defense against attacks. In addition, this article emphasizes the importance of collaboration and communication between IT and OT security teams to ensure comprehensive system resilience. The article provides a detailed literature analysis of the current state of research on CERTs in the context of OT. The analysis of the relevant literature highlights the increasing threat to OT systems and emphasizes the specific requirements arising from the integration of IT and OT. By identifying research gaps and summarizing current findings, this article provides a comprehensive overview of the existing literature on this topic.