Cybersecurity: Securing Critical Infrastructure
Identifying cybersecurity vulnerabilities in critical infrastructure operations is crucial. You need concrete advice on how to minimize risks in the short term, while moving toward long-term cybersecurity plans and strategies that will continuously protect your production operations in the future. Rockwell Automation, the world leader in industrial automation and industrial cybersecurity, has surveyed 100+ security leaders in critical infrastructure industries, compiling their real-world advice and adding their own recommendations, to assist in prioritizing the best actions and investments for reducing risks quickly. Because of our strategic partnership with Rockwell Automation, we can bring these resources to you.
Take advantage of these great resources provided below.
Benchmark your cybersecurity preparedness against results from a recent research survey of security leaders by Rockwell Automation and ISMG.
In under 10 minutes, you’ll learn:
- How you compare to industry peers
- Where your largest gaps are
- Recommended steps to close gaps
Take the survey
Comprehensive Resource Guide
Rockwell Automation created this resource guide with more than 80 useful reference links, categorized and described, to provide shortcuts for learning about the evolving critical infrastructure threat landscape, the modern industrial cybersecurity practices used for defense, and steps to formulating your own plans and strategies. Download this resource guide to learn:
- OT Cybersecurity Basics and Best Practices
- Regulations: CISA (US and US gov't), Legal, NIS Directive (EU)
- Cybersecurity Roadmaps to Follow: NIST, MITRE ATTandCK, Sector-Specific Guides (US), IEC 62443, CAF (UK)
- NIST Breakdown (5 components) - Identify, Protect, Detect, Respond, Recover
- Resources for Designing an OT Architecture + Zero Trust and John Kindervag
- Understanding the US CI Grant: Use Rockwell Automation 's Free Plan Template
- Industry Specifics, such as Water/Wastewater, Utilities, Pipelines, Manufacturing
Retired U.S. General Gregory Touhill (Director of the Software Engineering Institute’s CERT Division) and former Rockwell Automation CISO Dawn Cappelli sat down for an interview with Information Security Media Group’s (ISMG) Tom Field, SVP of Editorial, to discuss the 2022 Rockwell Automation research report on cybersecurity preparedness in critical infrastructure. These industrial cybersecurity experts reviewed common gaps contributing to largely preventable breaches and a rising threat of broad, widespread critical infrastructure shutdowns, like those impacting Colonial Pipeline, JBS meat supplier and the Oldsmar, Florida water treatment facility.
This discussion examines:
- How a perfect storm is brewing, made up of rising OT attacks, mass disruptions, geopolitical tensions, under-budgeted security programs, common security gaps and enticing financial gains for ransomware criminals.
- Steps industrial organizations can take to quickly shore up cybersecurity preparedness, including supply chain risk assessments, asset inventorying, continuous threat monitoring and a written incident response plan.
- How to use the NIST cybersecurity framework as the basis of a reliable, ongoing cybersecurity plan, how to identify and prioritize business critical systems to enable zero trust strategies and develop a cybersecurity plan suitable for a US grant application with Rockwell Automation's free guide.
In this research report you'll learn where organizations are succeeding or failing to deploy key cybersecurity measures, including:
- How to avoid ‘The Big Shutdown.’ According to our 2022 survey, fewer than 1 in 5 organizations perform asset inventory audits frequently enough – allowing cybercriminals to stand up and take down a virtual machine before being detected.
- Which vulnerabilities to shore up first. Common vulnerabilities cited across five NIST cybersecurity framework categories can often lead to preventable breaches. For example, only 33% employ effective OT patch management today.
- Recommended steps to improve cybersecurity posture. Survey respondents and Rockwell Automation experts share insights to better prepare for the future and continuously improve resiliency.