Industrial organisations are converging historically separate information technology (IT) and operations technology (OT) systems, and using mobile, analytics and cloud to increase connectivity and information sharing.
This is significantly improving operations but also creating more potential entrance points for security threats.
Industrial organisations are operating in ways they scarcely could have imagined a few decades ago.
Rockwell Automation has developed a three-step approach for building an industrial security programme that extends from the enterprise to the plant level, and helps mitigate risk across people, processes and technology.
The three steps include: security assessment – conduct a facility-wide assessment to understand risk areas and potential threats; defence-in-depth security – deploy a multi-layered security approach that establishes multiple tiers of defence; and trusted vendors – verify that your automation vendors follow core security principles when designing their products.
“We think of industrial security as a layered model and seek to create a unified infrastructure for customers,” said Lee Lane, chief product security officer, Rockwell Automation. “Our approach takes into account the connections between network security, as well as the physical security and safety in industrial areas,” added Lane.
For industrial organisations, security threats will continue to evolve. To keep pace, a holistic security programme should evolve with and stay ahead of the changing threat landscape. Following the three-step approach will help organisations establish a programme that can help protect intellectual property, facilities, assets, employees and competitive advantages into the future.
