Loading

Security Incidents Happen. Be Prepared.

An incident response plan can limit damage and speed recovery
Watch Webinar Series On Demand
two workers in hardhats at oil and gas refinery plant form industry zone with sunrise and cloudy sky
Security Incidents Happen. Be Prepared.
An incident response plan can limit damage and speed recovery
Watch Webinar Series On Demand
Cybersecurity
    • Overview
    • Overview
    • Overview
    • Zero Trust
    • Zero Trust
    • Identity & Access Management
    • Identity & Access Management
    • IT / OT Convergence
    • IT / OT Convergence
    • CIP Security
    • CIP Security
    • Technology & Certification
    • Technology & Certification
    • Security & LifecycleIQ
    • Security & LifecycleIQ
    • Secure Digital Transformation
    • Secure Digital Transformation
    • NIST Cybersecurity Framework
    • NIST Cybersecurity Framework
    • Overview
    • Overview
    • Overview
    • Managed Services
    • Managed Services
    • Threat Detection
    • Threat Detection
    • Incident Response
    • Incident Response
    • SOC as a Service
    • SOC as a Service
    • IT Cybersecurity Services
    • IT Cybersecurity Services
    • Endpoint Protection
    • Endpoint Protection
    • Overview
    • Overview
    • Overview
    • Critical Infrastructure
    • Critical Infrastructure
    • Life Sciences
    • Life Sciences
    • Automotive
    • Automotive
    • Manufacturing
    • Manufacturing
    • Food & Beverage
    • Food & Beverage
    • Mining
    • Mining
    • Overview
    • Overview
    • Overview
    • Advisories & Support
    • Advisories & Support
    • Design & Planning
    • Design & Planning
    • Network Security
    • Network Security
    • Penetration Testing
    • Penetration Testing
    • Respond & Recover
    • Respond & Recover
    • Risk Assessment
    • Risk Assessment
    • Vulnerability Assessment
    • Vulnerability Assessment
  • World Class Partners
    • Blogs
    • Blogs
    • Press Releases
    • Press Releases
    • Webinars
    • Webinars
    • Whitepapers
    • Whitepapers

If a security event occurs, it’s critical you’re prepared to respond immediately to address the threat, which can limit damage and help speed recovery. Building on the expertise of our industrial security services team in networks and security, we will help you develop an action plan that uses proven methods to contain the incident and minimize damage. We are here to help support you throughout such a response.

Industrial cybersecurity and network connectivity concept

 

 

Consumed with Cybersecurity Concerns?

Join Rockwell Automation and Dragos for a three-part webinar series where we will give you a clear roadmap to a comprehensive security program for your organization. You will hear directly from industry-leading cybersecurity experts who have first-hand experience with remote access, threat hunting, incident response, and more.

Watch On Demand

Industrial Cybersecurity Services

Before, during and after an event

Your top priority, after a security-related downtime event, is to get production back up and running as quickly as possible. Our back-up and recovery services keep near real-time records of your production and application data, allowing you to recover quickly and return to production. Following system recovery, our industrial security services team also investigates the incident to help identify root causes and strengthen your resilience.

Effective Cybersecurity Incident Response Takes Planning
Two office workers siting beside each other typing on keyboards and viewing data on their monitors
Blog
Effective Cybersecurity Incident Response Takes Planning

Getting ahead of threats is central to what we do in our industrial security work at Rockwell Automation. Working with outside researchers is one way we do that.

Read Now

Chevron DownChevron Down
Video
Cybersecurity Incident Response Plan: Ready to Respond

We integrate industrial security software from providers who understand operational functions within industry protocols, help secure your network and respond to incidents.

Product Security Incident Response Framework

Cybersecurity in Industrial Control Systems

The Rockwell Automation Incident Response Framework is comprised of the following phases:

  1. Notification
  2. Assessment & Containment
  3. Remediation, Incident Post-mortem and Improvement Plan

This process supports customers and partners in instances where they may be potentially affected by a cybersecurity incident or breach.

When product security vulnerabilities are reported, we have a cybersecurity incident response process to investigate, determine appropriate mitigations and communicate timely information with our customers. We also actively work with research communities to identify and resolve vulnerabilities. We work with national response organizations, such as ICS-CERT, to communicate and notify the broader community.

Notification: The affected party should contact the Rockwell Automation Product Security Incident Response Team (RA PSIRT) via email at secure@ra.rockwell.com.

Assessment & Containment: The Incident Response Coordination Call serves to assess and assign the priority of response, which aids in determining the relevant response actions.

Remediation, Incident Post-mortem and Improvement Plan: Until the incident is remediated, RA PSIRT will coordinate additional calls with the affected party and regional persons of contact (POCs) every six to 24 hours for status updates.


The Unsung Heroes of Industrial Security: Researchers

It’s Vital that the Good People Discover Vulnerabilities First

That is why we’re grateful for the work done by the largely unheralded heroes of cybersecurity – researchers.

These people work diligently to uncover industrial security vulnerabilities. When they do so before the bad people and alert companies like ours, so we can fix them, they help prevent what could be major security incidents.

At Rockwell Automation, we embrace researchers. We actively work with them as part of our standards-aligned vulnerability handling and coordinated disclosure process. Outside researchers test industrial control products the same way that an adversary does: they look for flaws in systems and communications protocols and try to work their way in.

If a researcher finds a vulnerability in our products, they notify our Product Security Incident Response Team (PSIRT).

The Incident Response Plan: Know What to Do
male worker wearing safety gear reaches into industrial fire control system on industrial manufacturing plant floor
Whitepaper
The Incident Response Plan: Know What to Do

Our experienced cybersecurity experts can help you design the right incident response plan - complete, comprehensive and current with industry best practices.

Read Now
Contact a Rockwell Automation Cybersecurity Specialist
Contact Us
Recommended for You
Loading
  • Sales
  • Customer Care
  • TechConnect Support
  • General Questions
  1. Chevron LeftChevron Left Home Chevron RightChevron Right
  2. Chevron LeftChevron Left Cap... Chevron RightChevron Right
  3. Chevron LeftChevron Left Industrial Cybersecurity Solutions Chevron RightChevron Right
  4. Chevron LeftChevron Left Managed Services Chevron RightChevron Right
  5. Chevron LeftChevron Left Incident Response Chevron RightChevron Right