Automation Fair was this week. I expected many news releases. I’ve already reported on the one published. I checked out the “show daily” email from my friend Keith at Endeavor Media whose team reported on the presentations a series of executives made to the attending media. Not so much news as it was a survey of the breadth of Rockwell’s offering.
I think that was the theme—don’t think of Rockwell Automation from the point-of-view of controls and drives. Check all the acquisitions from Plex for cloud-based MES, FiiX for cloud-based CMMS, Verve for Cybersecurity, plus material handling and more. Looking at financials, the traditional industrial control product business still is the greatest contributor. Software and control is still next, but services are catching up to it.
These releases concern cybersecurity and partnerships with Dragos and Claroty.
Rockwell Automation will provide ICS/OT Cybersecurity Threat Detection Services, leveraging the Dragos Platform to help Industrial Manufacturers Secure their Environments
Dragos Inc. announced the expansion of its combined capabilities in partnership with Rockwell Automation. With this expansion, Rockwell will be making the Dragos Platform available to organizations for enhanced ICS/OT cybersecurity threat detection, providing global deployment services and support capabilities to help customers operationalize their security investment.
The threat detection capabilities build on the previous global agreement between Dragos and Rockwell for the OT Incident Response Retainer (IRR) program that helps industrial organizations prepare for, respond to, and recover from cyber incidents in OT environments.
- Improved threat detection and response across the entire industrial OT network.
- Greatly enhanced visibility into the OT environment allowing industrial organizations to inventory and monitor assets, track vulnerabilities, and leverage network monitoring to investigate issues and incidents.
- Fast, efficient, and effective threat detection to help maintain safety and uptime as a result of continuously updated knowledge packs focused on ICS networks for Rockwell-specific and third-party vendor hardware.
- The collective experience and intelligence of Dragos and Rockwell to enhance knowledge for industrial defenders, including whitepapers, webinars, and other resources.
- Rapid operationalization of cybersecurity investment with the global deployment and support footprint at Rockwell Automation.
Claroty and Rockwell Automation Expand Capabilities to Include SaaS-powered OT Security Solution xDome
Claroty announced an expansion of its capabilities with Rockwell Automation, Inc. with the addition of SaaS-powered industrial cybersecurity platform Claroty xDome to Rockwell Automation’s global services portfolio. Additionally, Rockwell Automation customers now have access to Claroty’s complete suite of cloud-based and on-premise OT security offerings.
Claroty xDome provides comprehensive security coverage, integrated interoperability, and deep bidirectional technology alliances. The partnership expansion highlights Rockwell’s pioneering stance in OT security by offering a cloud-hosted OT security solution to its customers. This step positions Rockwell on the vanguard of enabling secure digital transformation, underpinning the company’s dedication to innovation and security.
Rockwell Automation keeps its acquisition team busy. This announcement reveals an acquisition in the cybersecurity area bolstering the services business part of the company. Before long the services business will be larger than the software & control business. Still trailing the traditional product portfolio, though.
Rockwell Automation Inc., the world’s largest company dedicated to industrial automation and digital transformation, announced it has signed a definitive agreement to acquire Verve Industrial Protection, a cybersecurity software and services company that focuses specifically on industrial environments, expanding the offerings of Rockwell with an industry-leading asset inventory system and vulnerability management solution.
The Verve Security Center platform enables real-time asset inventory, vulnerability management, and risk remediation that will strengthen Rockwell’s current offerings and address these issues.
“The foundation of OT cybersecurity starts with visibility into assets – you can’t protect what you don’t know you have. This continues to be a critical challenge for manufacturers,” said Matt Fordenwalt, Rockwell’s senior vice president, Lifecycle Services. “With the Verve acquisition, our customers can quickly assess their assets, prioritize risk, and apply countermeasures to mitigate vulnerabilities – all within a single platform. The addition of Verve to our suite of solutions allows customers to further build resiliency and continuously improve the security, safety, and availability of their operations.”
The Verve Security Center platform was built to provide IT-level security while addressing the unique challenges of the OT environment. At the center of the Verve platform is an asset inventory system that recognizes all industrial assets, regardless of manufacturer. Verve’s proprietary approach communicates directly with the assets, gathering critical information without impacting network performance and interrupting production. It then aggregates a wide range of data sources, including Rockwell’s partner technologies, into its platform as a “single pane of glass” that provides actionable insight for customers to quickly address their highest risk assets.
Verve professional services also provide ongoing remediation, along with strategic roadmap and business case development, further deepening Rockwell’s cybersecurity consulting capabilities. Going forward, customers will benefit from comprehensive capabilities that span the entire attack continuum with the combined expertise of Verve, Rockwell, and Rockwell’s technology partnerships.
The acquisition is subject to customary approvals and is expected to close in the first quarter of Rockwell’s fiscal year 2024. At close, Verve will report into Rockwell’s Lifecycle Services operating segment.
Betacom executives have been talking regularly with me about the company’s many wireless projects especially in manufacturing. This news release highlights working with MxD (Manufacturing x Digital), the National Center for Cybersecurity in Manufacturing along with Google Cloud and Ingram Micro. A case for partnerships advancing applications for practical use.
Private wireless pioneer Betacom, along with Google Cloud and Ingram Micro, today unveiled an exhibition of Industry 4.0 innovations at MxD (Manufacturing x Digital), the National Center for Cybersecurity in Manufacturing, that are redefining efficiency, productivity and competitiveness in manufacturing and supply chain industries. From smart automation and machine vision to predictive analytics and real-time inventory tracking, the technology leaders are showcasing real solutions for some of today’s most in-demand use cases, powered by private 5G, artificial intelligence (AI) and cloud technology.
The interactive exhibit is part of a collaborative effort to equip manufacturers with digital tools and expertise needed to increase productivity and strengthen U.S. manufacturing. By bringing together diverse technologies and device manufacturers on the Factory Floor Lab, Betacom, Google Cloud and Ingram Micro aim to accelerate manufacturers’ automation and digitalization initiatives by demonstrating complete solutions that are available today.
Betacom became a partner of MxD in 2022 to provide the organization’s Chicago headquarters with a fully managed private 5G network built on Zero Trust design principles. The network, one of the first indoor private 5G deployments in the U.S., is the foundation to develop and enable technologies that power Industry 4.0, including several application areas on display in this joint showcase:
- Smart Manufacturing – How machine vision, AI, data analytics, robotics, 5G and other technologies are revolutionizing manufacturing processes through automation to improve the efficiency, output quality and uptime of modern production lines.
- Digital Workforce – How mobile devices and productivity tools enabled by AI, machine learning and assisted reality capabilities can streamline worker tasks, automate visual inspection and enable new levels of remote collaboration on and off the factory floor.
- Resilient Supply Chain – How cloud based data analytics can help manufacturers understand supply chain risks to improve demand planning and optimize execution, as well as how wireless technologies are enhancing inventory and asset tracking applications to provide end-to-end visibility from production to delivery.
- Safety and Security – How today’s solutions are protecting critical assets and data from physical and cyberthreats, as well as creating safer workplaces for employees in hazardous environments.
The exhibit is open year-round. Learn more about the technology exhibit or to schedule a meeting for an onsite demonstration with our experts.
Dragos invited me to sit in a webinar on Oct. 6 focusing on manufacturing cybersecurity featuring Robert M. Lee, CEO & Co-founder of Dragos, and Blake Moret, Chairman & CEO of Rockwell Automation. This is now available on demand.
They offered executive insight—both their own and executives of client companies—into the problems involving cybersecurity and what many companies are doing in defense. They offered some practical advice.
They have found that CEOs and Boards realize the gravity of the situation and the necessity for quick action. Surprisingly many times the problem lies in the CISO organization. They get caught up in pilot purgatory without rolling out solutions in a timely manner.
I wonder in your organization where the bottleneck to getting necessary systems implemented resides? I hope not with you. And if identified, what all can you do to pop that clog?
Back to the webinar, the presenters pointed to such areas for improvement as limited OT network visibility, security perimeter challenges, unmanaged external connections, and the importance of separate IT/OT cybersecurity approaches.
In response, Rockwell Automation has offered guidance to customers about the need to prioritize cybersecurity. Moret, “Cybersecurity is the first thing on the list of things to get done, and the last thing on the list.”
I recently reported on a Rockwell paper detailing recent research on cybersecurity.
Lee discussed the Five Critical Controls for OT Cybersecurity:
- Response Plan
- Defensible Architecture
- Secure Remote Access
- Key Vulnerability Management
The key takeaway—make cybersecurity a priority either strengthening your existing process or get busy building a secure process.
Paul Simon wrote that it’s all happening at the zoo. Today, it’s all happening at the edge. ATT Cybersecurity has released its 2023 AT&T Cybersecurity Insights Report: Edge Ecosystem focusing on manufacturing companies worldwide. It explains how edge computing is changing manufacturing to solve operational issues and reduce costs. This report reveals what your peers are planning and doing to embrace edge computing.
The lead and author of the report, Head of Cybersecurity Evangelism at AT&T Business Theresa Lanowitz, states, “In the past, IT typically made technology decisions based on business and computing requirements they understood. Thanks to ongoing advances in computing, things are changing.”
She contends Edge computing is a transformative technology that brings together various stakeholders and aligns their interests to drive integrated business outcomes. The emergence of edge computing has been fueled by a generation of visionaries who grew up in the era of smartphones and limitless possibilities. In this paradigm, the role of IT has shifted from being the sole leader to a collaborative partner in delivering innovative edge computing solutions. In addition, we found that leaders in manufacturing are budgeting differently for edge use cases. These two things, along with an expanded approach to securing edge computing, were prioritized by the respondents in the 2023 AT&T Cybersecurity Insights Report: Edge Ecosystem.
Topline research findings
In 2023, the manufacturing respondents’ primary edge use case is smart warehousing, which involves deploying computing resources close to or on the warehouse floor. The enhanced productivity of warehouse employees, flexible logistics, and better optimization of warehouse space are some benefits of edge computing. This represents a shift from the primary use case in the 2022 AT&T Cybersecurity Insights Report: Securing the Edge, which focused on video-based quality inspection as the primary manufacturing edge computing use case.
Press releases concerning warehousing and logistics up and downstream constituted the majority of my inbox for the past few years. Looks like this is reflected in the research.
As manufacturing has evolved, the need for efficiency and speed is focused on moving goods out of warehouses and onto the next stop of either consumption or integration. The rising cost of labor and customer expectations for next-day or same-day deliveries drive the need for greater investments in rapidly understanding which products are most likely needed to fulfill a sales pipeline or supply chain.
This is AT&T Cybersecurity, after all, so it cites following cybersecurity challenges with the edge:
- Potentially more vulnerable data – especially when such devices are at risk of being stolen, lost or damaged.
- Legacy 4G threats, when the increased use of sensors and cameras on a production line can benefit from 5G capabilities and its enhanced encryption.
- Concerns regarding regulatory compliance, specifically when personally identifiable information (PII) is being transferred from the edge site to a different location.
- State-affiliated Groups Responsible for nearly 60%
- 60% of incidents result in operational disruption, driving the need for proactive OT defenses and incident response
The topics of this time are Cybersecurity, Sustainability, and Workforce with the impact of AI playing on all three. This news from Rockwell Automation focuses on Cybersecurity. It has released a report on an in-depth study of the topic by Cyentia Institute. The report is comprehensive deserving of a thorough read.
Rockwell Automation announced the findings of its report “Anatomy of 100+ Cybersecurity Incidents in Industrial Operations.” The global study conducted by Cyentia Institute analyzed 122 cybersecurity events that included a direct compromise of operational technology (OT) and/or industrial control system (ICS) operations, collecting and reviewing nearly 100 data points for each incident.
Don’t think you are immune from global politics. Unfortunately.
The first edition of the report finds nearly 60% of cyberattacks against the industrial sector are led by state-affiliated actors and often unintentionally enabled by internal personnel (about 33% of the time). This corroborates other industry research showing OT/ICS security incidents are increasing in volume and frequency, and are targeting critical infrastructure, such as energy producers.
“Energy, critical manufacturing, water treatment and nuclear facilities are among the types of critical infrastructure industries under attack in the majority of reported incidents,” said Mark Cristiano, commercial director of Global Cybersecurity Services at Rockwell Automation. “Anticipating that stricter regulations and standards for reporting cybersecurity attacks will become commonplace, the market can expect to gain invaluable insights regarding the nature and severity of attacks and the defenses necessary to prevent them in the future.”
- OT/ICS cybersecurity incidents in the last three years have already exceeded the total number reported between 1991-2000.
- Threat actors are most intensely focused on the energy sector (39% of attacks) – over three times more than the next most frequently attacked verticals, critical manufacturing (11%) and transportation (10%).
- Phishing remains the most popular attack technique (34%), underscoring the importance of cybersecurity tactics such as segmentation, air gapping, Zero Trust and security awareness training to mitigate risks.
- In more than half of OT/ICS incidents, Supervisory Control and Data Acquisition (SCADA) systems are targeted (53%), with Programmable Logic Controllers (PLCs) as the next-most-common target (22%).
- More than 80% of threat actors come from outside organizations, yet insiders play an unintentional role in opening the door for threat actors in approximately one-third of incidents.
In the OT/ICS incidents studied, 60% resulted in operational disruption and 40% resulted in unauthorized access or data exposure. However, the damage of cyberattacks extends beyond the impacted enterprise, as broader supply chains were also impacted 65% of the time.
The research indicates strengthening the security of IT systems is crucial to combatting cyberattacks on critical infrastructure and manufacturing facilities. More than 80% of the OT/ICS incidents analyzed started with an IT system compromise, attributed to increasing interconnectivity across IT and OT systems and applications. The IT network enables communication between OT networks and the outside world and acts as an entryway for OT threat actors. Deploying proper network architecture is critical to strengthening an organization’s cybersecurity defenses. It is no longer enough to simply implement a firewall between IT and OT environments. Because networks and devices are connected daily into OT/ICS environments, this exposes equipment in most industrial environments to sophisticated adversaries. Having a strong, modern OT/ICS security program must be a part of every industrial organization’s responsibility to maintain safe, secure operations and availability.
For this report, Rockwell Automation commissioned the Cyentia Institute to analyze data from 122 cybersecurity events across the globe, which occurred from 1982-2022. The Cyentia Institute’s team collected and analyzed nearly 100 data points surrounding individual incidents involving the direct compromise or disruption of OT/ICS systems. The resulting report was developed to share instructive insights about actual OT/ICS cybersecurity attack activity.
The Cyentia Institute is a research and data science firm dedicated to the mission of advancing knowledge in the cybersecurity industry. We accomplish this by partnering with a variety of organizations to perform comprehensive data analysis and publish high-quality, data-driven research.