Ignition Pro Security Tips

Jennifer Faylor from Inductive Automation wrote this blog—Ignition 8.3 Pro Tips: Supercharge System Security—a few weeks ago offering some security tips for users of Ignition. There’s more. Check out the blog for the entire essay.

She begins, “In honor of Cybersecurity Awareness Month, this blog will delve into some of the Ignition 8.3 features that help you better secure your systems.”

The new industrial Secrets Management feature in Ignition 8.3 enables you to store secrets securely and protect them from unauthorized parties — a game-changer if you’re looking to boost SCADA password security. And coming soon in Ignition, you’ll also be able to integrate with third-party secrets management platforms such as HashiCorp Vault.

With Ignition 8.3, you get multiple layers of control system threat protection that align with the latest industrial cybersecurity standards to keep your data and assets safe. To highlight some of the new features: we’ve expanded functionality for LDAP authentication security by enabling extra LDAP attributes to be defined for the Active Directory, AD/Database Hybrid, and AD/Internal Hybrid user sources. We’ve also added two additional properties for nested group membership lookup and group role attributes for the Active Directory user source. Three new properties are now available for Ignition Internal Authentication: “Prohibit Password,” “Prohibit Username,” and “Maximum Consecutive Repeated Characters.” And the Administrator role is now automatically listed under the Authenticated/Roles security level when installing a fresh gateway.

The new security features also enable integrators to have visibility of a system’s configuration, while still maintaining good security for the system.

You can majorly step up your SCADA communication security thanks to one important new 8.3 feature: more secure data serialization with Remote Procedure Call (RPC) technology that uses Google Protobuf instead of Java serialization. 

Rockwell Automation Introduces SecureOT Solution Suite

Rockwell Automation has upgraded its cybersecurity offering for operations technology (OT) applications. At a recent media briefing, executives touted how Rockwell’s roots in operations ground its cybersecurity offering more naturally in the plant than IT-oriented solutions overlaid on it. They noted its OT-designed platform and security services empower industrial organizations to reduce risk, maximize uptime and simplify compliance across the full cybersecurity lifecycle.

Rockwell Automation announced the launch of SecureOT solution suite, a comprehensive industrial cybersecurity offering designed to help manufacturers and critical infrastructure protect critical operations and build secure environments.

As industrial operations become increasingly connected, organizations are facing a sharp rise in cyber threats targeting operations technology (OT) systems. Many legacy systems were never designed with cybersecurity in mind, and traditional IT tools often fail to protect complex, aging industrial environments. SecureOT was developed to close the gap, helping organizations secure their OT infrastructure with technology and expertise built for the realities of modern industrial operations.

SecureOT brings together Rockwell Automation’s purpose-built SecureOT Platform, professional services and managed security services into a unified solution that delivers end-to-end protection for complex, aging and highly regulated industrial systems. 

  • SecureOT Platform delivers real-time asset visibility, risk prioritization and vulnerability management across diverse vendor ecosystems. 
  • Through its professional services, SecureOT offers strategic advisory, assessments and implementation support to help organizations strengthen their security posture. Its managed security services provide continuous 24/7 monitoring and incident response from Rockwell’s dedicated OT Security Operations Center (SOC) and Network Operations Center (NOC).  
  • SecureOT aligns with globally recognized frameworks, including NIST CSF, NIS2 and IEC 62443, and takes a vendor-neutral approach to securing industrial control systems and technology stacks. 

Use case examples:

  • A leading oil & gas producer achieved full OT asset visibility and remediated critical risks across remote operations in just six months.
  • A large beverage manufacturer migrated their aging industrial network and compute installed base to a fully managed and supported infrastructure across more than 150 sites globally.
  • An energy company doubled its NIST CSF maturity scores while delivering measurable ROI to executive leadership.
  • A power utility gained secure, real-time visibility into remote substations – achieving NERC CIP compliance and reducing costs through agentless monitoring.

Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.

Yokogawa Acquires Intellisync and WiSNAM, Strengthening Cybersecurity and Grid Management Solutions

More acquisitions in the market. Another cybersecurity company acquired. This one by Yokogawa. A lot of consolidation in the cybersecurity market. Among other things, Yokogawa cites this acquisition as creating a Digital Hub for Renewable Energy and Decarbonization.

Yokogawa Electric Corp. announced that it has acquired Intellisync, a provider of cybersecurity and digital transformation solutions, and WiSNAM, a developer of advanced grid control and energy management solutions. Both companies will be integrated into BaxEnergy, a wholly-owned subsidiary of Yokogawa that provides renewable energy management solutions. This will allow Yokogawa to expand its cybersecurity capabilities and advanced grid control products, and elevate its presence in the renewable energy sector through the creation of a digital hub.

Some background on the acquired companies.

Established in 2017, Intellisync’s expertise lies in cybersecurity as a service, defending customer assets against external threats and internal intrusions. It operates a dedicated 24/7 network and security operations center. Intellisync also offers vulnerability assessment, security testing, and consulting services covering digital transformation, data analytics, and artificial intelligence. By ensuring cybersecurity compliance across information technology (IT) and operational technology (OT) layers, this acquisition will accelerate Yokogawa’s ability to deliver robust cybersecurity solutions.

Established in 2010, WiSNAM specializes in hardware and software for controlling renewable and distributed energy resources. As one of WiSNAM’s flagship offerings, Power Plant Controller maximizes performance and yield in photovoltaic and hybrid plants by providing quick and precise data collection. It supports international grid codes and offers high scalability, ranging from medium to large-scale installations, while ensuring the steady provision of grid-compliant power for medium and high-voltage systems.

Simone Massaro, CEO of BaxEnergy, said, “With these acquisitions, Yokogawa will accelerate the development of a new generation of software offerings that extend beyond renewable energy, delivering secure, high-performance solutions for decarbonization of energy-intensive industries.”

Koji Nakaoka, Yokogawa Electric executive vice president, executive officer, and head of the company’s Energy & Sustainability Business Headquarters, said, “By combining Intellisync’s 24/7 security operation and WiSNAM’s grid compliant Power Plant Controller, Yokogawa can offer end to end solutions that bridge IT and OT.  The acquisition also strengthens Yokogawa’s software as a service (SaaS) and recurring revenue portfolio and accelerates the company’s shift toward digital transformation and autonomous operations.”

Risk in the Cloud

Greg Hale, writing in his newsletter from ISS Source:

While the cloud does not dominate the everyday mechanisms of the manufacturing automation sector, this week’s Amazon Web Services (AWS) outage shows a clear dependence on any one of the three main providers is something every organization needs to review. “Only three cloud providers dominate the global market, and when any of them experience outages, the ripple effects are massive,” said Dewan Chowdhury, chief executive and founder of security provider, malcrawler. “Universities lose access to online portals. Restaurants cannot process digital orders. Critical infrastructure operators lose visibility into their devices. This concentration of control has created a fragile ecosystem where one failure can disrupt entire sectors.” Amazon said this week’s outage, which occurred Monday, was likely caused by issues related to its domain name system, or DNS, which converts website addresses into numeric ones, allowing websites and apps to load on Internet-connected devices.

I’m with the supposed root cause. I’ve recently had two major issues due to WPMU Dev dinking around with my DNS and IP addresses. One little change, and my website is down—and it’s up to me to trace the problem.

David Heinemeier Hansson, CTO and co-founder of 37signals, recently reviewed the risk and costs involved with the company’s reliance on these cloud services. He concluded that for a company of their size, they were better off, both financially and in terms of risk, building their own.

I’ve been in the midst of discussions in another arena with the same idea—risk management. These discussions have focused on data interoperability. A company allowing multiple proprietary data silos invites a higher risk profile from the inability to find and act on data prudently and promptly.

What are you doing to mitigate risk?

Dragos Platform 3.0 Delivers Fast Path to Effective OT Cyber Defense

Cybersecurity might be the most noted and least implemented technology in operations technology today. I’m reminded of the struggles for safety systems back in the day. We wanted people to be safe, but proving an ROI on something that doesn’t happen is tough. At any rate, I’m happy to see new cybersecurity capabilities releasing.

Dragos has announced Dragos Platform 3.0. The Dragos Platform’s new Insights Hub consolidates risk-based vulnerability, asset, and threat alerts into a single prioritized view, while streamlined workflows, AI-enhanced vulnerability processes, and smaller footprint deployment options dramatically reduce time-to-value for industrial organizations. A number of additional capabilities are included in 3.0 to simplify management and lower cost of operation. 

“The cost of inaction is too high in OT. The latest updates to the Dragos Platform focus on giving industrial defenders the visibility, speed, and confidence they need to take action and reduce risk before incidents escalate,” said Robert M. Lee, CEO and co-founder of Dragos. “Alerts, detections, and recommendations are grounded in insights supported by Dragos OT threat intelligence, which is unmatched in the industry. We are helping organizations build operational resilience to ensure the industrial and critical infrastructure they defend is prepared for today’s threats as well as tomorrow’s.”

Dragos Platform 3.0 introduces new deployment options and cost models that make it possible to serve smaller sites with greater flexibility and accessibility. New device footprints, including a smaller STS-50 and combined Sensor/SiteStore, enable organizations to extend comprehensive OT visibility across their entire industrial footprint without compromising on security effectiveness.  Expanded Active Collection supports a range of new use cases including air-gapped and intermittently connected sites, which extends visibility and vulnerability management to even the most isolated environments.

The Dragos Platform also features simplified management through centralized sensor configuration and administration, along with streamlined integration capabilities that enhance workflows with both OT systems and IT security operations.

For organizations seeking complete managed security, the Dragos Platform with OT Watch Complete provides expert-driven 24/7 security monitoring, ongoing platform tuning, proactive security hardening, threat hunting, and management of detections, triage, and investigation. The service helps customers strengthen defenses and realize value more quickly. Dragos is working with multiple partners to embed the service into their broader managed SOC / managed detection and response services, and it also operates as a standalone offering.

Ransomware Groups Multiply as Attack Surface Rapidly Expands

While I’m on a report kick, this cybersecurity research report is a month old (I’ve been busy and traveling). Most of the news I receive from security firms concerns research reports. If you’re not already aware that many threats are in the wild threatening your operations, then really there isn’t a lot we can do for you.

This report from GuidePoint Security reveals a 45% year-over-year rise in active ransomware groups. The company has released its quarterly Ransomware & Cyber Threat Report from the GuidePoint Research and Intelligence Team (GRIT).

Covering the second quarter of 2025, the new GRIT Q2 2025 Ransomware & Cyber Threat Report offers exclusive in-depth analysis of the evolving Ransomware as a Service (RaaS) ecosystem, threat actor behaviors and emerging cybercrime trends—including a 45% year-over-year increase in the number of active ransomware groups. 

The Q2 2025 Ransomware & Cyber Threat Report also investigates Iranian cyber threat activity, the growing momentum of the RaaS group DragonForce and law enforcement’s impact on Lumma Stealer, a prolific information-stealing malware favored by cyber criminals. 

Key findings include:

  • A 45% year-over-year increase in active ransomware groups, climbing from 45 in Q2 2024 to 71 in Q2 2025. 
  • Ransomware victim numbers remain elevated year-over-year (+43%), but a 23% decline in Q2 2025 hints at changing attacker patterns beyond seasonal norms.
  • An 85% increase in activity from Qilin, the most active threat group of this quarter.
  • 52% of observed ransomware victims in Q2 2025 were based in the United States, followed by Singapore (23%) and Canada (5%).
  • The manufacturing, technology and legal industries were most heavily impacted by ransomware. Notably, the healthcare sector dropped out of the top five most targeted industries for the first time since Q2 2022.

The Ransomware & Cyber Threat Report is based on data obtained from publicly available resources, including threat groups themselves, as well as threat analyst insights into the ransomware threat landscape.
