Rockwell Automation and Claroty: Tailoring Security to OT's Unique Requirements
By Deana Shick, Product Security Incident Response Team (PSIRT) Lead, Rockwell Automation | October 09, 2020
IT/OT convergence is creating new possibilities in production, such as data-driven decision making and remote support and collaboration, which has become essential during the pandemic. But with these possibilities has come the realization a new approach to cybersecurity is needed to protect today’s connected OT environments.
Simply put, you can’t secure OT environments the same way you secure IT environments. OT environments have their own networks, technologies, and business priorities, all of which must be uniquely addressed in your security efforts. Cybersecurity incidents can also have different consequences in OT environments, including costly production stoppages and the potential for human harm.
To help protect OT networks, you need tools and skill sets that are tailored to the network activity and risks specific to them.
Tools for securing OT environments have come a long way in recent years, but many companies still don’t have the right positions or specialized skill sets in place. Because of this, they’re turning to threat-detection services that combine OT expertise with security tools designed specifically for OT environments.
Detecting, responding to, and recovering from threats to your OT environments are all part of a holistic cybersecurity approach and key to combating top risks such as ransomware. It’s crucial that you tailor these activities to the demands of the OT environment.
For example, using active network monitoring to detect threats can add traffic to your network and potentially disrupt critical OT communications. Also, traditional IT tools may not understand the protocols used by OT equipment.
Leading threat-detection tools that are designed specifically for OT environments can help you avoid these problems.
Visibility and threat-detection software from Claroty, for instance, leverages passive networking technology. This allows the software to do many things, such as identify assets, profile network communications, and identify vulnerabilities, without disrupting communications. The tool can also monitor OT network traffic at its deepest levels to find and report anomalies.
And when this tool is used as part of a managed threat-detection service with remote monitoring, it can create a holistic OT security solution that can help you manage your vulnerabilities even if you don’t have specialized IT/OT skill sets in place.
Protect What You Connect
Rockwell Automation and Claroty joined forces specifically to help companies address the challenge of securing OT environments.
Our threat-detection services and remote access capabilities combine our OT knowledge, global reach and managed support offerings with Claroty’s OT visibility and threat-detection software. We can help assess and design your network infrastructure to help make sure you have visibility into your OT assets, and identify normal network behavior. Then, we detect and alert you of activity that does not conform to that pattern or baseline. And if a security event is realized, our backup, recovery, and response services can serve as a valuable lifeline.
Already today, Rockwell Automation and Claroty are helping companies around the world strengthen their OT cybersecurity. In one instance, we helped a major life sciences company quickly discover and profile all of its OT assets, as well as detect anomalies and known threats in real time.
Defend What You Know
Our combined efforts go well beyond our joint offerings. Claroty also helps us strengthen the security of our products. They share their research with us, and our Product Security Incident Response Team (PSIRT) has a tremendous working relationship with them. They help test the security of our products and notify PSIRT of potential vulnerabilities as part of our robust and transparent vulnerability-management efforts. This research ultimately helps make our products more secure.
The Rockwell Automation PSIRT discloses vulnerability information from all researchers so you can properly defend your assets. Without this valuable information, you could have blind spots that you would not otherwise know about.
Threat detection, remote access to infrastructure, response, and recovery are only a few components of a holistic cybersecurity approach. But they’re essential to protecting what matters most to you on an ongoing basis.
Learn more about how Rockwell Automation’s partnership with Claroty can help your organization overcome its toughest OT cybersecurity challenges.