Rockwell Automation is hosting its Automation Fair this week in Boston. One of the primary focuses this year is cybersecurity and the escalating threats to critical infrastructure.
The NIST framework provides a roadmap that organizations can follow to strengthen their cybersecurity posture. Network inventory audits, asset identification, risk scoring, and vulnerability assessments are for example crucial to understanding the specific threats and risks in these complex ecosystems.
Additionally, the SEC mandates that publicly traded companies disclose cybersecurity incidents that materially affect shareholder value.
Recent events, such as the Colonial Pipeline cyberattack, have indeed underscored the vulnerability of critical infrastructure systems including water, energy, and even transportation, and the necessity of taking proactive steps to secure them.
But it is not that simple. Industrial control systems often pose unique challenges due to the aging infrastructure and control systems used in these environments. So the journey to secure critical infrastructure is complex.
During the Automation Fair, Tessa Myers, Senior VP of Intelligent Devices at Rockwell Automation stated that:
‘IBM Securities Intelligence Index said that the number one most targeted industry is manufacturing and the attacks that all of us are experiencing are becoming more complex. And while smart technologies that we’re all deploying across our operations have the potential to transform the industry, there are still plenty of operations that are still dependent on legacy systems.”
Prior to the show, we interviewed Bruno Lignon and Pierre Paterni, Rockwell Automation’s experts on cybersecurity. The two experts explained how the American automation leader manages to reconcile the worlds of OT and IT to strengthen cybersecurity and ensure industrial system continuity and availability even in the most critical infrastructure. For them,
“Securing the industrial world is not the same thing as securing the corporate world.”
To help their clients better secure all their industrial assets, Rockwell Automation has recently acquired several cybersecurity companies. One of them is Verve which designed a solution with IT-level security in mind, but that will also address the operational technology (OT) challenges that are critical to today’s interconnected world.
Indeed, Verve’s active discovery system utilizes a proprietary approach to assess all assets, regardless of their manufacturer. This process is non-intrusive and does not adversely affect network performance or disrupt the production environment.
Verve’s offering also enables the aggregation of data from various partner products and technologies, such as continuous threat detection and endpoint protection. This consolidated data is then displayed and accessible in one unified interface within the application so that all parties have a comprehensive view of the security landscape and can quickly take action if needed.