We offer industrial security and solutions with a comprehensive approach beyond just network security. We protect the integrity and availability of your complex automation solutions. Our industrial security services will help you effectively assess, implement, and maintain ICS security within operations. We enable transformational technologies that rely on enterprise connectivity. The security landscape is ever-changing so you need a partner who will help you manage the constantly evolving risk. To do that effectively, you need a partner who you can trust and who is transparent in approach.
Field consulting services to help assess design, implement, and manage solutions
Network security, content protection, tamper detection, and access control solutions
Stay current with patch management, subscription licensing, and advisories
A fully connected enterprise requires a comprehensive approach to industrial security. This approach includes policies and procedures that address people, process, and technology-related risks. A complex, interconnected system includes challenges. It is critical to understand the potential risks and start building security into your industrial automation control systems.
Industrial assets require a defense-in-depth security approach that addresses both internal and external security threats. A defense-in-depth security architecture is based on the idea that any one point of protection may be defeated. This approach uses physical, electronic, and procedural layers of defense, and applies the appropriate controls that address different types of risks.
We can help you manage potential threats and build a more secure industrial control system that meets your needs. We have unique capabilities and expertise to address industrial security needs, reduce risk, and enable uptime in control systems.
We collaborate with partners and research institutions to develop robust, more secure products for industrial environments. To verify that our products meet those requirements, our Security Development Lifecycle has been certified to ISA/IEC 62443-4-1. We also work with national response organizations, such as ICS-CERT, to notify the broader community as vulnerabilities are identified.
Use this Security Assessment Tool to help you benchmark your current industrial security level of risk. You can compare yourself against other organizations in your industries, and start identifying methods to mitigate potential security risks.
We take the security of our products and customers seriously. When product security vulnerabilities are reported, the Rockwell Automation Product Security Incident Response Team (RA PSIRT) initiates its vulnerability management process. This process aligns to IEC 29147 and 30111 for Vulnerability Handling and Disclosure. As part of its strong support of responsible disclosure practices, the RA PSIRT actively works with external researching bodies to identify and resolve validated vulnerability reports. Upon the availability of strong mitigating actions, they develop and coordinate the publication of a security advisory. This advisory includes both the researching body and/or national response organizations (such as ICS-CERT) which helps us communicate and notify the broader industrial community.
Our Trusted and Transparent model strives to drive security awareness in the industrial space. It encourages customers to make informed decisions about the steps they take to improve their security posture.
The Cyber Security Management Certificate (ISA/IEC 62443-4-1) reinforces the secure product development requirements through the implementation of the Security Development Lifecycle for our design processes.
The newly enhanced Allen-Bradley ControlLogix 5580 controller is the world’s first controller to be certified compliant with today’s most robust control system security standard, TÜV Rheinland ISA/IEC 62443-4-2. The standard defines the technical security requirements for industrial automation and control system components.
Rockwell Automation received certification (ISA/IEC 62443-2-4) as a service provider for the integration, design, and deployment of automation solutions.The standard defines the security requirements for industrial automation and control service providers.