Whether we’re talking about manufacturing or really any other business, cybersecurity is a massive focus in today’s highly-connected world. For the course of this 4-part series, we’ll be teaming up with Rockwell Automation’s cybersecurity team to bring you actionable security advice for industrial manufacturers.
Episode 1 of 4: Why Security Matters
Steve Ludwig – Program Manager for Safety & Security at Rockwell Automation – joins us for our first episode. We start off with the basics as Steve shares why cybersecurity matters and why it’s a vital piece of a digital transformation journey; security isn’t just about protecting data and intellectual property, but assets, workers, and the environment as well.
We’ll cover security in the context IT and OT integration, discuss the inherent link between safety and cybersecurity, and wrap up with some discussion on where these cyber threats are actually coming from.
Please Scroll Down for Additional Episodes and a Full List of Cybersecurity Resources from Rockwell Automation
Enjoying the show? Please leave us a review here. Even one sentence helps. It’s feedback from Manufacturing All-Stars like you that keeps us going!
Interested in generating leads through videos, podcasts, or other digital content? Then make sure to check out our 6 Strategies for Growing Your Manufacturing Business Using Social Media.
Episode 2 of 4: Cybersecurity Fundamentals
“Shiny Object Syndrome” is a big issue when it comes to cybersecurity investments. That last thing you want to do is invest a lot of money into cybersecurity solutions before having a grasp on the fundamentals.
In this episode, we’ll cover the basic steps all enterprises should take to improve cybersecurity. Umair Masud – Rockwell’s Director of Technical Security Oversight to the CISO – will walk us through the the fundamentals of cybersecurity, focusing on 3 essential pieces of a good security program: Processes, People, and Technology.
We’ll explore these fundamentals, or “cyber hygiene” as they’re often called, in the context of security programs & risk assessments, specialized cybersecutiry jobs, and a deep-dive discussion around patch management.
Episode 3 of 4: Defense in Depth & NIST Framework
Asset inventory. Anti-malware strategy. Risk assessments to look at your overall OT readiness. There are more than a few investments that need to be made to have a robust industrial cybersecurity program. But it doesn’t have to be all-or-nothing, let alone a massive capex investment.
In this episode, Rockwell Automation’s Global Services Portfolio Commercial Team Lead Kamil Karmali returns to Manufacturing Happy Hour for the 3rd installment of our cybersecurity mini-series. Kamil first takes us through Defense in Depth, a multifaceted layering approach to security including policies, physical requirements, and even device-level requirements. Then, we define the NIST Framework and its 5 functional topics: identifying, protecting against, detecting, respond to, and recovering from cyber threats.
Kamil gives some great detail on “good, better, and best” approaches to cybersecurity that any manufacturing leader can act on regardless of the time and capital they have available. We even provide the perfect starting point along with some great case studies so that you know there’s more than one way to run a successful cybersecurity program.
Episode 4 of 4: ICS Product Security & Standards (ISA/IEC 62443)
In this last episode of our cybersecurity mini-series with Rockwell Automation, we’re switching our focus to industrial control system product security. This includes an overview of security standards like ISA/IEC 62443 and how they apply to ICS providers of products and services.
Seasoned security experts Megan Samford and Shoshana Wodzisz jump on the show this week to walk us through our topic. With their focus on global product security, we’ll dive into how ICS security fits into critical infrastructure, as well as the ins-and-outs of IEC 62443. From the importance of 3rd party certification to why it’s important to avoid repurposing IT standards, our series wraps up with some actionable details that every information security leader should hear.
- Rockwell Automation Industrial Security Website
- Why Cybersecurity Must be Part of Your Safety Plan, a blog post by Steve Ludwig