Industrial automation company, Rockwell Automation, has outlined three key steps for building a comprehensive industrial security programme
For industrial organisations, security threats continue to evolve. The increasing integration of information technology (IT) and operations technology (OT) systems and the use of mobile, analytics and cloud to increase connectivity and information sharing creates significantly more potential entrance points for security threats.
To keep pace, a holistic security programme that evolves with and stays ahead of the changing threat landscape is necessary.
To address this, Rockwell Automation has developed a three-step approach for building an industrial security program that extends from the enterprise to the plant level, and helps mitigate risk across people, processes and technology. The three steps include:
· Security assessment: Conduct a facilitywide assessment to understand risk areas and potential threats
· Defense-in-depth security: Deploy a multilayered security approach that establishes multiple tiers of defense
· Trusted vendors: Verify that your automation vendors follow core security principles when designing their products
According to the company, following the three-step approach will help organisations establish a programme that can help protect intellectual property, facilities, assets, employees and competitive advantages into the future.
“We think of industrial security as a layered model and seek to create a unified infrastructure for customers,” said Lee Lane, chief product security officer at Rockwell Automation. “Our approach takes into account the connections between network security, as well as the physical security and safety in industrial areas.”
An e-book outlining the three-step approach is available on the Rockwell Automation webpage.
