Identifying and mitigating industrial security risks are essential considerations for all industrial control systems (ICS) to enhance the protection of people, property, and information. Rockwell Automation provides ICS security owners OT patch management and product/system upgrade programs to keep these systems current. Additionally, we communicate timely and actionable information through security advisories to keep security teams alerted to issues that can impact ICS.
Security Alerts and Advisories
The importance of securing Industrial Control Systems
As the world leader in industrial automation, Rockwell Automation recognizes the importance of protecting industrial control systems. We build ever-increasing levels of security in our products to better defend and preserve your production operations.
For this reason, our security design, testing, and manufacturing processes are complemented with a continual improvement process, helping to address and communicate risks we may learn about well after our products are put to use.
When product security vulnerabilities are reported, an incident response process is activated to investigate, determine appropriate mitigations, and communicate timely information to customers. Rockwell Automation actively works with research communities to identify and resolve vulnerabilities and with national response organizations, such as the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), to communicate and notify the broader industrial community.
As threats evolve, security becomes a collaborative necessity. Our transparency is meant to drive awareness and encourage customers to make informed decisions on steps they should take to improve their security.
OT Patch Management Programs
Keeping systems current keeps your enterprise safer
Patch management programs must include policies, processes, and procedures to help ensure the security and operational integrity of industrial control products and systems.
Microsoft releases a range of security updates, operating systems, and other software updates to help improve security. Rockwell Automation qualifies certain Microsoft updates for software that impact our products and promotes continued planning and investment throughout the development lifecycle. This planning helps you move toward newer products and technologies, as existing product support and availability ends, or as products reach an end to their useful life.
The need to patch vulnerabilities is clear, yet handling OT patching on your own is often complex. In a recent survey of industrial security leaders, only 34% had effective OT patch management in place. Our expertise in OT patch management can help you address this complex situation, evaluating your infrastructure and recommending and/or managing the right steps.
Industrial Security Reference Architectures
Design considerations for securing industrial automation networks
Rockwell Automation collaborated with Cisco to develop Converged Plantwide Ethernet (CPwE) architecture, a proven approach to securing communications within plants and production operations.
CPwE helps prevent cyberattacks from successfully breaching networks and controllers through communications networks. CPwE is a proven approach for Man-in-the-Middle attack prevention, for example.
Rockwell Automation provides education, design guidance, and best practices around CPwE architecture. These documents supply design considerations for deploying a holistic defense in depth industrial security policy to help secure networked assets – such as the specific design considerations for the successful design and deployment of an Industrial Demilitarized Zone (IDMZ). You can also use Cisco Identity Services Engine within industrial automation plant-wide architectures.