MITRE and CISA Release Open Source Tool to Enhance Security of Operational Technology

A new open-source tool has been launched by MITRE and the US Cybersecurity and Infrastructure Security Agency (CISA) to emulate cyberattacks on operational technology (OT). This joint initiative aims to strengthen the security of critical infrastructure, including water and energy systems, which heavily rely on OT. The tool, known as “MITRE Calder for OT,” is now publicly available as an extension to the open-source Caldera platform on GitHub. Developed in partnership between the Homeland Security Systems Engineering and Development Institute (HSSEDI) and CISA, this tool marks a significant step in safeguarding critical infrastructure against cyber threats.

The MITRE Framework for OT (Operational Technology)

As an extension of the open-source Caldera platform, the MITRE Caldera for OT provides a comprehensive framework for emulating cyber-attacks on OT systems. This collaboration between HSSEDI and CISA offers an innovative solution for enhancing the security of critical infrastructure. By simulating potential cyber threats and emulating attack scenarios, defenders of operational technology can gain valuable insights and improve their defense mechanisms.

Importance of Actionable Tools and Resources

Eric Goldstein, the Executive Assistant Director for Cybersecurity at CISA, emphasizes the critical role of actionable tools and resources in supporting the critical infrastructure community. With the increasing frequency and sophistication of cyber threats targeting OT systems, it is vital to provide defenders with effective tools and resources to stay ahead of adversaries. The MITRE Calder for OT fills this gap by offering a practical and actionable solution to exercise and strengthen the defenses of critical systems.

Collaboration and Development

The MITRE Calder for OT extension builds upon the work of CISA and HSSEDI in automating adversary emulation simulations. The Control Environment Laboratory Resource (CELR) provided by CISA has been instrumental in this development. Leveraging the expertise of MITRE, renowned for creating the widely used ATT&CK framework for mapping threat actors’ techniques, tactics, and procedures (TTPs), the extension offers a comprehensive emulation capability. This collaboration reflects a collective effort to enhance the resilience of critical infrastructure against cyber threats.

Future Plans and Modules

MITRE, in collaboration with CISA and other organizations, is actively working on the next set of Caldera for OT open-source modules. These modules will further enhance the capabilities of the tool and enable defenders to simulate a broader range of attack scenarios. By continuously developing and expanding the resources available, MITRE and CISA strive to provide defenders with the necessary tools to bolster the security of operational technology and critical infrastructure.

Protecting Critical Infrastructure

Yosry Barsoum, Vice President and Director of the Center for Securing the Homeland at MITRE, highlights the significance of protecting the nation’s critical infrastructure. With the introduction of the MITRE Calder for OT, the partnership between MITRE and CISA aims to support defenders in exercising and improving the defense of operational technology systems. This collaborative effort ensures that critical infrastructure remains resilient against cyber threats and provides a robust defense against potential attacks.

Alignment with National Cybersecurity Strategy

The release of MITRE Calder for OT aligns with the US National Cybersecurity Strategy and President Biden’s Executive Order on Improving the Nation’s Cybersecurity. The government’s focus on hardening the security of critical infrastructure underscores the importance of investing in tools and resources that can strengthen defenses against cyber threats. The partnership between MITRE and CISA plays a pivotal role in achieving these strategic objectives and safeguarding the nation’s critical infrastructure.

The release of the MITRE Calder for OT represents a significant milestone in the ongoing battle to protect critical infrastructure from cyber threats. By providing defenders with an open-source tool and actionable resources, MITRE and CISA are empowering organizations to strengthen the security of their OT systems. This collaboration demonstrates a shared commitment to bolstering the defenses of operational technology and enhancing the resilience of critical infrastructure. Moving forward, continued collaboration and development in the field of cybersecurity will be essential to stay ahead of evolving cyber threats and safeguard the nation’s critical infrastructure.

Explore more

Why Are Small Businesses Losing Confidence in Marketing?

In the ever-evolving landscape of commerce, small and mid-sized businesses (SMBs) globally are grappling with a perplexing challenge: despite pouring more time, energy, and resources into marketing, their confidence in achieving impactful results is waning, and recent findings reveal a stark reality where only a fraction of these businesses feel assured about their strategies. Many struggle to measure success or

How Are AI Agents Revolutionizing Chatbot Marketing?

In an era where digital interaction shapes customer expectations, Artificial Intelligence (AI) is fundamentally altering the landscape of chatbot marketing with unprecedented advancements. Once limited to answering basic queries through rigid scripts, chatbots have evolved into sophisticated AI agents capable of managing intricate workflows and delivering seamless engagement. Innovations like Silverback AI Chatbot’s updated framework exemplify this transformation, pushing the

How Does Klaviyo Lead AI-Driven B2C Marketing in 2025?

In today’s rapidly shifting landscape of business-to-consumer (B2C) marketing, artificial intelligence (AI) has emerged as a pivotal force, reshaping how brands forge connections with their audiences. At the forefront of this transformation stands Klaviyo, a marketing platform that has solidified its reputation as an industry pioneer. By harnessing sophisticated AI technologies, Klaviyo enables companies to craft highly personalized customer experiences,

How Does Azure’s Trusted Launch Upgrade Enhance Security?

In an era where cyber threats are becoming increasingly sophisticated, businesses running workloads in the cloud face constant challenges in safeguarding their virtual environments from advanced attacks like bootkits and firmware exploits. A significant step forward in addressing these concerns has emerged with a recent update from Microsoft, introducing in-place upgrades for a key security feature on Azure Virtual Machines

How Does Digi Power X Lead with ARMS 200 AI Data Centers?

In an era where artificial intelligence is reshaping industries at an unprecedented pace, the demand for robust, reliable, and scalable data center infrastructure has never been higher, and Digi Power X is stepping up to meet this challenge head-on with innovative solutions. This NASDAQ-listed energy infrastructure company, under the ticker DGXX, recently made headlines with a groundbreaking achievement through its