Organizations are converging historically separate information technology (IT) and operations technology (OT) systems and using mobile, analytics and cloud to increase connectivity and information sharing, according to Rockwell Automation. The company says this convergence significantly improves operations but also creates more potential entrance points for security threats. In response, Rockwell has developed a three-step approach for building an industrial security program that extends from the enterprise to the plant level and reportedly helps mitigate risk across people, processes and technology.
The three steps include:
- Security assessment: Conduct a facility-wide assessment to understand risk areas and potential threats.
- Defense-in-depth security: Deploy a multilayered security approach that establishes multiple tiers of defense.
- Trusted vendors: Verify that automation vendors follow core security principles when designing their products.
“We think of industrial security as a layered model and seek to create a unified infrastructure for customers,” says Lee Lane, chief product security officer, Rockwell Automation. “Our approach takes into account the connections between network security, as well as the physical security and safety in industrial areas.”
An e-book outlining the three-step approach is available on the Rockwell Automation online newsroom.
For more information, visit: www.rockwell.com