Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
The NIST National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft of NIST Special Publication 1800-41, Responding to and Recovering from a Cyber Attack: Cybersecurity for the Manufacturing Sector, which provides guidelines on response and recovery activities in an industrial control system (ICS) environment and recommendations to improve operational resilience. The comment period for this publication is open through July 8, 2026.
Background
As Operational Technology (OT) systems like ICS become more interconnected with IT networks, they are increasingly being targeted by cyber threats, putting factory operations, safety, and property at risk. Organizations operating these systems, such as those in the manufacturing sector, need to have plans and capabilities in place to respond to cyber incidents and restore operations to improve overall resilience.
The NCCoE worked with 11 industry collaborators to develop reference architectures, describe response and recovery scenarios, and demonstrate relevant approaches and capabilities.
This draft publication provides actionable guidelines on responding to and recovering from cyber attacks in manufacturing environments. Discover how to:
- Understand the risks and potential impact of cyber incidents on your operations
- Develop a comprehensive response and recovery plan
- Implement best practices to minimize downtime and restore operations quickly
Comment Now!
Review the publication and share your feedback by July 8, 2026. If you’re interested in staying up-to-date on this project, we encourage you to join the NCCoE Manufacturing Community of Interest (COI).