Cybersecurity: Securing Critical Infrastructure
It is critical to identify cybersecurity vulnerabilities in Critical Infrastructure operations today. But we can’t stop at identifying these issues - and we can't delay taking action to better harden production operations. Security leaders across Critical Infrastructure industries need concrete advice right now to lessen risks in the near term, while moving toward long-term cybersecurity plans and strategies that will continuously protect the production operations the world relies on in the future.
Rockwell Automation, the world leader in industrial automation and industrial cybersecurity, has surveyed 100+ security leaders in Critical Infrastructure industries, compiling their real-world advice and adding their own recommendations, to assist in prioritizing the best actions and investments for reducing risks quickly.
As a Rockwell Automation strategic partner, we can share these valuable resources with you. The final resource, a quick self-assessment tool, lets you benchmark your cybersecurity preparedness against results from a recent research survey of Critical Infrastructure security leaders by Rockwell Automation and ISMG.
Comprehensive Resource Guide
Critical Infrastructure organizations are undergoing digital transformation, digitizing processes and adopting Internet of Things (IoT) technology to improve efficiency and reliability. The resulting connectivity of operational technology (OT) to the internet and the convergence between OT and IT have created extreme efficiencies, as well as new vulnerabilities and exposure to cybersecurity threats. Many of the principles for defending your IT environment apply to industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems and other OT. But securing OT has additional complexities and considerations.
Rockwell Automation created this resource guide with more than 80 useful reference links, categorized and described, to provide shortcuts for learning about the evolving Critical Infrastructure threat landscape, the modern industrial cybersecurity practices used for defense, and steps to formulating your own plans and strategies.
Retired U.S. General Gregory Touhill (Director of the Software Engineering Institute’s CERT Division) and former Rockwell Automation CISO Dawn Cappelli sat down for an interview with Information Security Media Group’s (ISMG) Tom Field, SVP of Editorial, to discuss the 2022 Rockwell Automation research report on cybersecurity preparedness in Critical Infrastructure.
These industrial cybersecurity experts reviewed common gaps contributing to largely preventable breaches and a rising threat of broad, widespread Critical Infrastructure shutdowns, like those impacting Colonial Pipeline, JBS meat supplier and the Oldsmar, Florida water treatment facility.
This discussion examines:
- How a perfect storm is brewing, made up of rising OT attacks, mass disruptions, geopolitical tensions, under-budgeted security programs, common security gaps, and enticing financial gains for ransomware criminals.
- Steps industrial organizations can take to quickly shore up cybersecurity preparedness, including supply chain risk assessments, asset inventorying, continuous threat monitoring, and a written incident response plan.
- How to use the NIST cybersecurity framework as the basis of a reliable, ongoing cybersecurity plan; identifying and prioritizing business critical systems to enable Zero Trust strategies; and developing a cybersecurity plan suitable for a US grant application with Rockwell Automation 's free guide.
In this research report you'll learn where organizations are succeeding or failing to deploy key cybersecurity measures, including:
- How to avoid ‘The Big Shutdown.’ According to our 2022 survey, fewer than 1 in 5 organizations perform asset inventory audits frequently enough – allowing cybercriminals to stand up and take down a virtual machine before being detected.
- Which vulnerabilities to shore up first. Common vulnerabilities cited across five NIST Cybersecurity Framework categories can often lead to preventable breaches. For example, only 33% employ effective OT patch management today.
- Recommended steps to improve cybersecurity posture. Survey respondents and Rockwell Automation experts share insights to better prepare for the future and continuously improve resiliency.
Looking for more information?
If you need more details or are looking to speak to someone about your cybersecurity needs, reach out to your account manager or local specialist.