Focus On Cybersecurity Threats That Really Matter

PB 25 Rockwell newlogo 400

May 26, 2021

By Carol Jors, Storyteller, Rockwell Automation

With greater connectivity comes greater risk for security threats. These threats can take many forms, from bad actor hackers to well-intentioned mistakes. Cybersecurity events can impact network availability, interrupt operations and halt productivity.

Even with a robust security program in place, protecting your industrial networks against cyber threats requires constant vigilance. Threat detection services can help you monitor and detect these increasingly complex threats.

Threat detection software identifies events that do not conform to an expected pattern or baseline within Industrial Control System (ICS) networks – any activity that may pose a risk to the availability of your system even before it happens. It can also help in determining internal threats or inspecting traffic without disrupting normal production.

Threat Detection and Fine Tuning

A potential challenge of threat detection software is the proliferation of alarms: Too many system alarms are just as harmful as too few. Without the ability to fine-tune your threat detection, you can quickly become overwhelmed with noise – and potentially let bad actors infiltrate your system.

Threat tuning – also called system tuning – optimizes the configuration of the continuous threat detection (CTD) software to help eliminate false positives and prioritize actionable alerts. Threat tuning helps prevent alert fatigue – a dangerous condition that arises when thousands of alerts flood the screen with non-actionable items. The concept is not new – what is novel is how threat tuning is expanding beyond information technology (IT) systems for adoption in operations technology (OT) through a service that allows operators to fine-tune the system themselves.

Saving Time and Effort

Without threat tuning, a system could generate thousands of alerts per shift with fewer than .01% connected to an action, equating to hundreds of hours a year chasing down unnecessary alarms.

“With the right threat tuning software, you can eliminate the 99.9% of alerts that don’t matter so your operators can concentrate only on the messages of value,” said Quade Nettles, Cybersecurity Services Product Manager, Rockwell Automation.

Such clarity in threat detection and the improved response rate improves an organization’s security posture and positions the cybersecurity team for greater long-term continuous threat detect success.

Rockwell Automation and Claroty have partnered to offer comprehensive OT security solutions. The Rockwell Automation Twinsburg, Ohio, manufacturing facility was a proving ground for Claroty’s threat tuning capabilities.

The pilot included IT and OT functions that could experience more than 10,000 alarms daily.

“These results help to quantify the value of threat tuning in the overall CTD investment and specifically, protect ROI,” said Gary Kneeland, Technical Director, Claroty. “While it’s enticing to jump into real-time monitoring, it’s important to include managed services like threat tuning to experience the full range of benefits.”

With the convergence of IT and OT, it’s important to identify cybersecurity risks to industrial assets. And, it’s more important than ever to work with industrial security software providers like Claroty, and managed services providers like Rockwell Automation – companies that fully understand operational functions within industrial protocols and work to help secure and manage industrial control networks.

Source

Related Articles


Changing Scene


Sponsored Content
The Easy Way to the Industrial IoT

The way to the Industrial IoT does not have to be complicated. Whether access to valuable data is required or new, data-driven services are to be generated, Weidmuller enables its customers to go from data to value the easy way. Weidmuller’s comprehensive and cutting-edge IIoT portfolio applies to greenfield and brownfield applications. Weidmuller offers components and solutions from data acquisition, data pre-processing, data communication and data analysis.

Visit Weidmuller’s Industrial IoT Portfolio.


ADVANCED Motion Controls Takes Servo Drives to New Heights (and Depths) with FlexPro Extended Environment Product Line

Advanced Motion Controls is proud to announce the addition of six new CANopen servo drives with Extended Environment capabilities to their FlexPro line. These new drives join AMC’s existing EtherCAT Extended Environment FlexPro drives, making the FlexPro line the go-to solution for motion control applications in harsh environments.

Many motion control applications take place in conditions that are less than ideal, such as extreme temperatures, high and low pressures, shocks and vibrations, and contamination. Electronics, including servo drives, can malfunction or sustain permanent damage in these conditions.

Read More


Service Wire Co. Announces New Titles for Key Executives

Bruce Kesler and Mark Gatewood have been given new titles and responsibilities for Service Wire Co.

Bruce Kesler has assumed the role of Senior Director – Business Development. Bruce will be responsible for Service Wire’s largest strategic accounts and our growing Strategic Accounts Team.

Mark Gatewood has been promoted to the role of Vice President – Sales & Marketing. In this role, Gatewood will lead the efforts of Service Wire Company’s entire sales and marketing organization in all market verticals.

Read More


Tri-Mach Announces the Purchase of an Additional 45,000 sq ft. Facility

Tri-Mach Elmira Facility

Recently, Tri-Mach Inc. was thrilled to announce the addition of a new 45,000 sq ft. facility. Located at 285 Union St., Elmira, ON, this facility expands Tri-Mach’s capabilities, allowing them to better serve the growing needs of their customers.

Positioning for growth, this additional facility will allow Tri-Mach to continue taking on large-scale projects, enhance product performance testing, and provide equipment storage for their customers. The building will also be the new home to their Skilled Trades Centre of Excellence.

Read More


JMP Parent Company, CONVERGIX Acquires AGR Automation, Expanding Global Reach

Convergix Automation Solutions has completed the acquisition of AGR Automation (“AGR”), a UK-based provider of custom, high-performance automation design and systems integration primarily to the life sciences industry.

Following Convergix’s acquisitions of JMP Solutions in August 2021 and Classic Design in February 2022, AGR marks the third investment in Crestview’s strategy to build Convergix into a diversified automation solutions provider targeting the global $500+ billion market, with a particular focus on the $70 billion global systems integration and connectivity segments. Financial terms of the transaction were not disclosed.

Read More


Latest Articles

  • Implementing Functional Safety Requirements

    Implementing Functional Safety Requirements

    The Safety Functional Requirements Specification (SFRS; sometimes referred to as SRS or Safety Requirements Specification) is the plan for the safety controls on a machine and is the second step of the safety lifecycle. The SFRS document serves as a framework for the safety control system design, is informed by prior work done in the… Read More…

  • From Endress+Hauser, 24/7 Digital, Plant-Wide Health Monitoring for Rockwell Systems Optimizes Workflows and Processes

    From Endress+Hauser, 24/7 Digital, Plant-Wide Health Monitoring for Rockwell Systems Optimizes Workflows and Processes

    Endress+Hauser’s Asset Health Monitoring Solution–Rockwell Edition, now available for installation, provides operators with a centralized, digital overview of plant-wide device health to avoid unscheduled shutdowns and accelerate troubleshooting. It not only presents early visibility of problematic devices but distinguishes itself by adding likely causes and remedies to such a report so problems can be fixed… Read More…