Blog > Automation > Cybercrime and Industrial Facilities
1/4/22 | Anita O'Brien Rexel Technical Consultant
Why are industrial companies a target for cybercrime? In the industrial world, we have a lot of systems that are often 20 years old or more. These legacy systems are often unpatched and have insecure designs. As a result, there is limited visibility as to what is out there and who has access control, and there may not be records of change control. Many companies simply don’t know what is connected and therefore they cannot secure it.
Why is cybersecurity critical? There is an increase in cybercrime and cyber threats in industrial environments. It’s important to understand the executive orders and regulations. Its imperative companies use the Converged Plantwide Ethernet (CPwE) tested and validated architectures and develop a defense in depth model.
The government now has laws to help protect the industry from cybercrime. The America’s Water Infrastructure act of 2018 is a U.S. federal law that requires completed and updated risk and resilience assessments every five years. It also requires an emergency response plan, and a letter of certification must be submitted to the USEPA.
This means that the “community water system or an asset of a community water system have the ability to adapt to or withstand the effects of a malevolent act or natural hazard without interruption to the assets or system’s function, or if the function is interrupted, to rapidly return to a normal operating condition.” There are fines for non-compliance daily.
There is also a federal law, executive order 14028, which requires an emergency response plan to “identify, detect, protect, deter and respond.” All of these regulations are in place to help prevent cybercrime, but implementing the right safeguards can seem daunting.
Rockwell Automation® is a great resource to help you because they understand this environment, and they have industrial networking divisions with certified teams for modernizing equipment and solutions for industrial cybersecurity. They understand the ISA/IEC, NIST, and the industrial control systems cyber emergency response team compliance and standards.
Rockwell Automation and Horizon Solutions can help you to identify risks. We identify threats, vulnerabilities, and the impact they have. We have capabilities in assessing your overall network and even provide you with an assessment of your cyber security risks and even provide mitigation strategies. We offer products and solutions to assist in defense in depth.
Rockwell Automation and its partners provide services to identify and protect, detect, and respond and recover from cybercrimes. From assessing your current assets, vulnerabilities, and risk, to creating security zones and countermeasure deployment, to detecting real-time threats, and remote monitoring capabilities. These services often lead to incident handling and backup and recovery solutions.
Ultimately, by partnering with Rockwell Automation and Horizon Solutions, we can help design the risk out, assist with compliance to security standards, and help with designing a maintenance strategy to provide visibility at every device and application. We help customers adopt security protocols and modernize where necessary.
To find out how we can help you, contact us today!