Threat Detection Services Help Manufacturers Take Proactive Approach to Industrial Security

Sept. 14, 2017
New services from Rockwell Automation alert operators of potential security threats

As the number of industrial security threats continues to rise, manufacturers are taking a closer look at risks to their environments. The new threat detection services from Rockwell Automation help manufacturers and industrial operators monitor, detect and respond to increasingly complex security threats.

Designed specifically for industrial networks, the new set of services map normal network behavior, and use Rockwell Automation monitoring services to detect and alert operators of irregularities and potential threats in real time. Integrating industrial security software from providers who understand operational functions within industrial protocols can help secure and optimize the industrial control network while offering visibility across all levels of the OT environment. This means not only threat detection, but real-time monitoring and deep network insights across your assets.

“We are seeing security threats bypass network perimeters more easily,” said John Kuenzler, director of Strategic Advisory Services, ARC Advisory Group. “In general, if you can’t prevent a threat before it enters the perimeter, the next best thing is to detect when it gets inside and has the potential to affect operations.”

The first step in successfully detecting threats is to be able to inventory your environment. The threat detection services take a product-agnostic approach to create a robust asset inventory across both IT and OT systems in an industrial operation. Diving deep into industrial network protocols, threat detection software maps all of the end user’s network assets and how they communicate with each other.

“Our threat detection services are a passive, nonintrusive security solution,” said Umair Masud, consulting services portfolio manager, Rockwell Automation. “This is crucial because we don’t want to adversely impact complex, industrial control systems by introducing new traffic onto the network."

Once the entire environment is charted, the tool identifies normal operating procedures and creates a baseline. Any deviations from this baseline are annunciated in the form of context rich alerts. The alerts are integrated with Rockwell Automation monitoring services to help inform the response and recovery process. This process includes incident impact analysis, containment and eradication protocols.

The end user is alerted if a security threat is detected, and the predetermined response plan is enacted based on the criticality of the anomaly. This plan includes defined workflows that safely outline the recovery steps to be taken to return to a fully operational state.

The new set of services is built on top of threat detection software, created by Claroty, an Encompass Product Partner of the Rockwell Automation PartnerNetwork program.

For more information, click here >>

Sponsored Recommendations

Why Go Beyond Traditional HMI/SCADA

Traditional HMI/SCADAs are being reinvented with today's growing dependence on mobile technology. Discover how AVEVA is implementing this software into your everyday devices to...

4 Reasons to move to a subscription model for your HMI/SCADA

Software-as-a-service (SaaS) gives you the technical and financial ability to respond to the changing market and provides efficient control across your entire enterprise—not just...

Is your HMI stuck in the stone age?

What happens when you adopt modern HMI solutions? Learn more about the future of operations control with these six modern HMI must-haves to help you turbocharge operator efficiency...