Fortifying cybersecurity in manufacturing
The focus on new technologies, data and connectivity must be built on a foundation of security. However, Mark Cristiano (Global Commercial Director of Networks and Cybersecurity at Rockwell Automation) points out that, in the manufacturing sector, legacy equipment and network infrastructure is a major challenge. Although there was a spike in awareness of cybersecurity from 2017 with the media reporting of ransomware attacks such as NotPetya and WannaCry, Cristiano advises still not enough is being done to address the vulnerabilities. These cyber risks will only increase with AI, for example in the development of customized phishing emails. Beyond the direct risk to business, public companies that breach legislation can impact shareholder value.
To support customers, Cristiano recommended the National Institute of Standards and Technology (NIST) cybersecurity directives:
Identify
Detect
Protect
Respond
Recover
Govern (IT and OT infrastructure integration is key for this)
At the outset, asset identification is a starting point for risk scoring and vulnerability prioritisation. To expand capabilities in this area, on the 6th November Rockwell Automation announced the acquisition of Verve Industrial Protection – asset inventory system and vulnerability management solution, which has circa 150 employees. This will broaden Rockwell’s range of cybersecurity offerings within its Lifecycle Services operating segment.
Approaches manufacturers can take advantage of include:
Network segmentation – establishing the ability to control traffic and isolate
Risk assessments – identifying, evaluating and prioritizing risks and vulnerabilities in OT systems
Threat monitoring – installing a system to raise alerts when anomalies are identified
Incident response - preparing a clear and trialled cyber-attack response plan which includes roles and responsibilities
Auditing - continual update to track changes to your landscape, and effectiveness of deployed tooling and technology
To support customers with an operational technology (OT) focus to mitigate against vulnerabilities, Rockwell offers managed cybersecurity services via its security operations centre (SOC) in addition to cyber solutions with a number of partners including Cisco, Claroty, Crowdstrike, Dragos, and Fortinet.
At this point in time, Rockwell has not yet integrated Verve technology within its SOC offering, but this is on the roadmap. In the meantime, Verve technology and supporting services will continue to be sold as usual.
The OT security market has seen consolidation over the last few years, with many large security vendors acquiring specialist start-ups to bolster their IoT and OT offerings. Interestingly in the OT space, there is not just competition among large security vendors (Palo Alto Networks, Trend Micro, Fortinet etc.) and smaller innovators breaking into, and specialising in the market – but a wider range of IT and technology vendors in the industrial space, including industrial automation vendors.
Rockwell’s acquisition of Verve Industrial Protection adds to the growing trend of those rooted in the OT world now building a stronger presence in cybersecurity. Rockwell has traditionally offered services alongside its FactoryTalk software and asset inventory capabilities, in addition to cybersecurity risk assessments, threat detection, endpoint detection, incident response, and managed services – and the acquisition will bolster both its technology and its services.
Based on Omdia's research, organizations look to specialist security vendors for their security – rather than industrial automation vendors. As such Rockwell will have to ensure its value proposition is clear in messaging and how its recent acquisition is improving the services it already offers. Industrial automation vendors can offer deep expertise in the OT domain. Rockwell now has Verve, an OT security specialist solution, under its belt – enhancing its strong security services portfolio. This remains one of the biggest opportunities, with the vast majority of organizations looking to some form of managed service for their OT network security. That said, Rockwell will have to ensure its value proposition is clear in messaging and how its recent acquisition is improving the services it already offers in this highly competitive market.
Rockwell will tie the Verve portfolio into its coverage, with the approach of security ‘before, during and after’ an attack. The additional support from Verve’s technological capabilities, specifically inventory, assessment, and risk-based vulnerability management, aims to aid organizations at the early stages of their journeys in building out a cybersecurity posture tailored to their environments.
