Executive Insights into Manufacturing Cybersecurity with Rockwell Automation and Dragos

Dragos invited me to sit in a webinar on Oct. 6 focusing on manufacturing cybersecurity featuring Robert M. Lee, CEO & Co-founder of Dragos, and Blake Moret, Chairman & CEO of Rockwell Automation. This is now available on demand.

They offered executive insight—both their own and executives of client companies—into the problems involving cybersecurity and what many companies are doing in defense. They offered some practical advice. 

They have found that CEOs and Boards realize the gravity of the situation and the necessity for quick action. Surprisingly many times the problem lies in the CISO organization. They get caught up in pilot purgatory without rolling out solutions in a timely manner. 

I wonder in your organization where the bottleneck to getting necessary systems implemented resides? I hope not with you. And if identified, what all can you do to pop that clog?

Back to the webinar, the  presenters pointed to such areas for improvement as limited OT network visibility, security perimeter challenges, unmanaged external connections, and the importance of separate IT/OT cybersecurity approaches.

In response, Rockwell Automation has offered guidance to customers about the need to prioritize cybersecurity. Moret, “Cybersecurity is the first thing on the list of things to get done, and the last thing on the list.”

I recently reported on a Rockwell paper detailing recent research on cybersecurity.

Lee discussed the Five Critical Controls for OT Cybersecurity:

  • Response Plan
  • Defensible Architecture
  • Visibility
  • Secure Remote Access
  • Key Vulnerability Management

The key takeaway—make cybersecurity a priority either strengthening your existing process or get busy building a secure process.

New Research Finds Cyberattacks Against Critical Infrastructure on the Rise

  • State-affiliated Groups Responsible for nearly 60%
  • 60% of incidents result in operational disruption, driving the need for proactive OT defenses and incident response

The topics of this time are Cybersecurity, Sustainability, and Workforce with the impact of AI playing on all three. This news from Rockwell Automation focuses on Cybersecurity. It has released a report on an in-depth study of the topic by Cyentia Institute. The report is comprehensive deserving of a thorough read.

Rockwell Automation announced the findings of its report “Anatomy of 100+ Cybersecurity Incidents in Industrial Operations.” The global study conducted by Cyentia Institute analyzed 122 cybersecurity events that included a direct compromise of operational technology (OT) and/or industrial control system (ICS) operations, collecting and reviewing nearly 100 data points for each incident.

Don’t think you are immune from global politics. Unfortunately.

The first edition of the report finds nearly 60% of cyberattacks against the industrial sector are led by state-affiliated actors and often unintentionally enabled by internal personnel (about 33% of the time). This corroborates other industry research showing OT/ICS security incidents are increasing in volume and frequency, and are targeting critical infrastructure, such as energy producers.

“Energy, critical manufacturing, water treatment and nuclear facilities are among the types of critical infrastructure industries under attack in the majority of reported incidents,” said Mark Cristiano, commercial director of Global Cybersecurity Services at Rockwell Automation. “Anticipating that stricter regulations and standards for reporting cybersecurity attacks will become commonplace, the market can expect to gain invaluable insights regarding the nature and severity of attacks and the defenses necessary to prevent them in the future.”

  • OT/ICS cybersecurity incidents in the last three years have already exceeded the total number reported between 1991-2000. 
  • Threat actors are most intensely focused on the energy sector (39% of attacks) – over three times more than the next most frequently attacked verticals, critical manufacturing (11%) and transportation (10%). 
  • Phishing remains the most popular attack technique (34%), underscoring the importance of cybersecurity tactics such as segmentation, air gapping, Zero Trust and security awareness training to mitigate risks. 
  • In more than half of OT/ICS incidents, Supervisory Control and Data Acquisition (SCADA) systems are targeted (53%), with Programmable Logic Controllers (PLCs) as the next-most-common target (22%).
  • More than 80% of threat actors come from outside organizations, yet insiders play an unintentional role in opening the door for threat actors in approximately one-third of incidents.  

In the OT/ICS incidents studied, 60% resulted in operational disruption and 40% resulted in unauthorized access or data exposure. However, the damage of cyberattacks extends beyond the impacted enterprise, as broader supply chains were also impacted 65% of the time.

The research indicates strengthening the security of IT systems is crucial to combatting cyberattacks on critical infrastructure and manufacturing facilities. More than 80% of the OT/ICS incidents analyzed started with an IT system compromise, attributed to increasing interconnectivity across IT and OT systems and applications. The IT network enables communication between OT networks and the outside world and acts as an entryway for OT threat actors. Deploying proper network architecture is critical to strengthening an organization’s cybersecurity defenses. It is no longer enough to simply implement a firewall between IT and OT environments. Because networks and devices are connected daily into OT/ICS environments, this exposes equipment in most industrial environments to sophisticated adversaries. Having a strong, modern OT/ICS security program must be a part of every industrial organization’s responsibility to maintain safe, secure operations and availability.

Methodology 

For this report, Rockwell Automation commissioned the Cyentia Institute to analyze data from 122 cybersecurity events across the globe, which occurred from 1982-2022. The Cyentia Institute’s team collected and analyzed nearly 100 data points surrounding individual incidents involving the direct compromise or disruption of OT/ICS systems. The resulting report was developed to share instructive insights about actual OT/ICS cybersecurity attack activity.

The Cyentia Institute is a research and data science firm dedicated to the mission of advancing knowledge in the cybersecurity industry. We accomplish this by partnering with a variety of organizations to perform comprehensive data analysis and publish high-quality, data-driven research. 

TradeBeyond Acquires Pivot88 

This is not exactly in my field, but this acquisition news opens a door on what’s happening in supply chain technology markets.

TradeBeyond announced that it has acquired Pivot88, the trusted SaaS provider of quality, compliance, and traceability solutions to brands and retailers around the world. 

Powered by Applied AI, Pivot88’s platform enables a 360-degree view of products from cradle to grave, equipping retail businesses with actionable supply chain data to mitigate risk. The company orchestrates quality and compliance processes across more than 50,000 supply chain partners in 112 countries. Its customers include many of the world’s largest and most recognizable brands and retailers.  

This strategic acquisition reinforces TradeBeyond’s commitment to offering the most comprehensive multi-enterprise platform to streamline retail supply chains, enabling businesses to bring products to market more efficiently, responsibly, and profitably. The combination of TradeBeyond’s deep solutions in product development, sourcing, and supply chain management with Pivot88’s rich, AI-powered functionality in quality, compliance, and traceability will create a powerful platform that is unparalleled in the market.

Since EQT’s investment into the company in 2022, TradeBeyond has invested heavily in organic growth, expanding its geographic reach and product offerings, particularly its ESG solutions. As a result, TradeBeyond is on track to double its recurring revenue growth in 2023. The Pivot88 acquisition is a major step in TradeBeyond’s M&A strategy to invest in pioneering solutions that will better serve its expanding customer base and capture a larger share of the growing SaaS supply chain market. 

This strategic move will not only deepen TradeBeyond’s service offerings but also enhance operational efficiency. By pooling resources and expertise with Pivot88, the combined entity will generate economies of scale that will strengthen its competitive standing, allowing both brands to better meet the evolving needs of the global supply chain landscape. 

Data Security Platform Developer Releases Two Announcements

Laminar Announces AWS Built-in Solution for Data Security

Here is a little IT news. A start up I’ve not heard about before, Laminar, has built a data security platform working with the large cloud providers. It has recently published two announcements. 

The first announcement reveals it has worked with Amazon Web Services (AWS) to complete an AWS built-in co-build solution that automatically installs, configures, and integrates with native AWS Cloud Foundational Services across multiple domains such as identity, security, and operations.

Laminar is a member of the AWS Partner Network (APN) that built their software solution to include foundational AWS services like AWS CloudTrail, AWS Control Tower, and AWS Organizations to decrease risk, reduce operational overhead, and provide consistent observability in cloud environments. Utilizing a well-architected Modular Code Repository (MCR) that is both validated by AWS and designed specifically to add value to a partner solution, Laminar is equipped to help customers achieve their goals for scale, simplicity, and cost savings.

“By utilizing an AWS built-in co-build solution with the Laminar Data Security Platform, organizations will be able to gain the visibility and control needed to continue cloud data growth across AWS services while keeping it protected,” said Amit Shaked, CEO and co-founder, Laminar.

Laminar’s AWS built-in solution comes built in with AWS CloudTrail, making it easier for customers to discover, classify, secure, and monitor their sensitive data in the cloud. By processing CloudTrail logs, Laminar provides automated data detection and response (DDR) – alerting customers to real-time threats to their data and streamlining quick remediation. Laminar also helps identify the root cause of the data threat with event timelines and data access flowcharts.

The news is the latest development in Laminar’s deepening relationship with AWS. The company was also selected to be a launch partner for Amazon Security Lake at AWS re:Invent last November. Furthermore, Laminar’s platform was the first pure-play data security posture management (DSPM) to be named an AWS Security Competency Partner in the new Data Protection category, and has received the Amazon Relational Database Service (RDS) Ready Product Designation.

Laminar Announced as Launch Partner for Wiz Integration (WIN) Platform

Laminar announces its partnership with leading cloud security provider, Wiz as the company unveils Wiz Integration (WIN) Platform. Laminar, hand selected as a launch partner, brings the power of the Laminar Data Security Platform to WIN, to improve customer understanding of how cloud vulnerabilities may put their sensitive data at risk.

The integration between Wiz and Laminar optimizes the value of both platforms while enabling organizations to more efficiently and effectively secure their public cloud environments. With this integration, data security teams can use the Laminar Platform to secure overexposed and unprotected data, remediate misplaced data, and delete any redundant, obsolete, or trivial (ROT) data — which ultimately ensures a more secure, hygienic data environment that meets compliance requirements. Pairing all of this data security posture with the Wiz platform allows cloud security teams to better understand how to prioritize cloud infrastructure vulnerabilities.

WIN enables Wiz and Laminar to share prioritized security findings with context including inventory, vulnerabilities, issues, and configuration findings. Mutual customers receive the following benefits:

  • Prevent Sensitive Data Exposure – Laminar enriches Wiz with a layer of data context that gives organizations additional visibility into the full impact of each attack path and issues.
  • Ruthless Prioritization – In collaboration with Laminar, Wiz enables infrastructure security teams to focus on issues that impact highly sensitive data first.
  • Streamline Collaboration and Remediation Workflows – With the joint solution, data security and infrastructure teams share data with a common view to contain and remediate risk faster.

WIN is designed to enable a cloud security operating model where security and cloud teams work collaboratively to understand and control risks across their CI/CD pipeline. Wiz is setting the industry standard in integrated solution strategy to maximize operational capabilities of organizations with partners like Laminar in WIN.

Snowflake Launches Manufacturing Data Cloud

Pundits and writers of the manufacturing market harp on data. Nassim Nicholas Taleb tells us in his writings that we can keep accumulating data until we drown. Snowflake has data management tools used by many to handle all the data. This is a new release called Snowflake Manufacturing Data Cloud that looks full of possibility.

  • Empowers manufacturers to collaborate with partners, suppliers, and customers to improve supply chain performance, product quality and factory efficiency
  • Snowflake’s ecosystem of manufacturing partners delivers pre-built solutions and industry datasets to support a diverse set of manufacturing and industrial use cases
  • Global manufacturers across industries, including ExxonMobil and Scania use Snowflake to drive digital transformation 

Snowflake Launches Manufacturing Data Cloud to Improve Supply Chain Performance and Power Smart Manufacturing

● The Manufacturing Data Cloud empowers manufacturers to collaborate with partners, suppliers, and customers to improve supply chain performance, product quality and factory efficiency

● Snowflake’s ecosystem of manufacturing partners delivers pre-built solutions and industry datasets to support a diverse set of manufacturing and industrial use cases

● Global manufacturers across industries, including ExxonMobil and Scania use Snowflake to drive digital transformation 

Manufacturing Data Cloud enables companies in automotive, technology, energy, and industrial sectors to unlock the value of their critical siloed industrial data by leveraging Snowflake’s data platform, Snowflake- and partner-delivered solutions, and industry-specific datasets. 

Following are a number of lists with details and use cases.

  • Building a data foundation: A single, fully-managed, secure platform for multi-cloud data consolidation with unified governance and elastic performance that supports virtually any scale of storage, compute, and users. It allows manufacturers to break down data silos by ingesting both IT and OT data and analyzing it alongside third-party partner data. 
  • Improving supply chain performance: Enable seamless data sharing and collaboration with partners for downstream and upstream visibility across an organization’s entire supply chain coupling its own data with data from third-party partners and data from Snowflake Marketplace. By leveraging this data with SQL and Snowpark, Snowflake’s developer framework for Python, Java, and Scala, different teams can collaborate on the same data and build AI and ML models.
  • Powering smart manufacturing: Native support for semi-structured, structured, and unstructured high volume Internet of Things (IoT) data. 
  • Leveraging industry leading network of manufacturing partners: Take advantage of a rich partner ecosystem and industry-specific, prebuilt templates. 

Partner Solutions

  • Applications Powered by Snowflake include ones developed by Blue Yonder, Elementum, and Avetta. 
  • Snowflake Marketplace partners, include FourKites and Yes Energy enabling live access to a variety of data sources.
  • Consulting and service organizations including Deloitte, LTIMindtree, and phData, offer pre-built solutions.
  • Technology leaders, including Fivetran and Tableau, provide integrations and out-of-the-box solutions. 

Customer use cases

  • ABB – The technology leader in electrification and automation is using Snowflake to unify all of its data, including incoming raw materials from suppliers, plant production capacity, and sales orders, to streamline manufacturing operations and meet customer demand. 
  • EDF –  The energy supplier for homes and businesses across the UK used Snowflake and its Snowpark Python development framework to build a complete machine learning operation solution in a few months, and deliver data products that lead to higher customer satisfaction and retention.
  • Molex – A leading manufacturer of connectors, is using the Snowflake Manufacturing Data Cloud to fuel their digital transformation journey, including sharing data securely across the organization and with external partners and generating manufacturing shop-floor and business KPIs. 
  • Scania – The truck, bus, and industrial engine manufacturer uses Snowflake to continuously stream data from 600,000 connected vehicles and Snowpark for Python to prepare data for machine learning, which gives the company a comprehensive view for monitoring vehicle performance and supporting Scania’s product-related services.

Meeting A New IT Company

[Updated 5/23/23]

An invitation came my way to talk with Alwyn Joseph, Chief Revenue Officer for FPT-USA. OK, I said, just what is that company? In brief, FPT is an information technology and services company based in Vietnam. This from a recent press release:

FPT Software is a global technology and IT services provider headquartered in Vietnam, with more than $632.5 million in revenue and 25,500 employees in 28 countries. As a pioneer in digital transformation, the company delivers world-class services in Smart factories, Digital platforms, RPA, AI, IoT, Cloud, AR/VR, BPO, and more. It has served 1000+ customers worldwide, a hundred of which are Fortune Global 500 companies in Automotive, Banking and Finance, Logistics & Transportation, Utilities, and more.

Joseph emphasized the company is more than just services, it is a technology company. It’s the second-largest ISP in Vietnam. The largest profit comes from work in the Americas. The leadership is intensely interested in helping people and even has developed a university with 100K students. They get intern work at FPT while in school. In fact, he added, the purpose of the company—it was founded to help community and nation building, invest in young people. It has brought many families out of poverty, creating healthy community.

I applaud the approach to projects—they start with the business outcome in mind. Too many engineers start with the engineering problem in mind and miss the big picture—why. He says they approach digital transformation initiatives to “think big, start smart, and scale very fast – with initial focus on 6-month projects, not 3-5 years.”

The latest news concerned the company positioned as a “Contender” in The Forrester Wave: Cloud Migration And Managed Service Partners In Asia Pacific, Q4 2022.

The report researched, analyzed, and scored the 14 most significant services providers across 27 criteria covering the current offering, strategy, and market presence. It shows that FPT Software received the highest score possible in the execution roadmap criterion. According to Forrester, “FPT Software has an impressive future roadmap and evidence that it has successfully delivered on its previous intentions.”

Additionally, the report stated that the company “supports delivery with its Japanese-inspired Digital Kaizen method and a cohesive, well-structured set of in-house developed tools… including the [platform CloudSuite] for multi-cloud management, monitoring, and cost optimization across AWS, Azure, and Google Cloud Platform (GCP)”.

It is always interesting to become acquainted with a new (to me) company.

Follow this blog

Get a weekly email of all new posts.