Industrial Cybersecurity Navigates a New Normal

by , | Jan 28, 2025 | Control & Safety Systems, Cybersecurity | 0 comments

Cybersecurity is a critical concern for industrial manufacturers these days, particularly as high-profile incidents targeting plants have become the new normal. No organization wants to risk the production loss, safety concerns, and reputation damage that come with a cyber-attack. However, these same organizations are struggling to manage their cybersecurity posture. The defense-in-depth strategies, firewalls, and air-gapping they have long relied upon are no longer enough to keep threats at bay.

Alexandre Peixoto considers these new challenges as he explores modern industrial cybersecurity in a recent interview for Food Engineering magazine. Whether plants are only using traditional defense-in-depth strategies for their information technology (IT) and operational technology (OT) networks or are employing the newest technologies—like managed detection and response (MDR) or zero-trust architectures—they need to find solutions that mitigate the homogenous nature of plant technologies.

Navigating threats

The threats, Peixoto explains, are real. Some of the key exploits bad actors are using to access OT networks are not just vulnerabilities that can be fixed with a patch. Some are baked into the network architecture.

“Pipedream is a toolkit for hackers. For example, if an asset owner uses OPC UA communication protocol with their control system in the way its designed, they could be potentially vulnerable if a hacker takes advantage of Pipedream.”

This is where the concepts behind MDR and zero-trust really take hold. Both strategies fundamentally shift not just the organization’s posture, but also its security culture. Instead of trying to block and tackle every intrusion into the network, new technologies shift the focus to assuming that threats will occur, so teams should bar access to any but those who are pre-authorized and should practice an attitude of constant vigilance.

An experienced guide is a valuable asset

A culture shift is not an easy task to accomplish, Peixoto explains,

“Recently, a customer said, ‘Let’s do a pilot and I want the bill of material today for a zero-trust implementation’. Zero trust is not a “thing” yet, being a principle, we need to focus on the steps to go through a journey that targets a zero-trust implementation with a long-term strategy instead.”

Fortunately, experienced automation partners are ready to help users navigate this complex journey. It starts with the right hardware and software. Control systems like Emerson’s DeltaV™ distributed control system are hardened against intrusion, developed under Secure Development Lifecycle Assurance under IEC 62443.

But just as importantly, experienced automation suppliers like Emerson are constantly updating and maintaining the security posture of their products and can also provide a team of experts to help users identify the best security solutions to provide optimal protection for their automation infrastructure.

You can find a lot more advice for securing industrial systems against cyber-threats in the full article over at Food Engineering. Many contributors from the automation and security industries weigh in on current threats and best practices to help readers begin to build a roadmap for their own cybersecurity journey.

Popular Posts

Comments

Author

  • Emerson's Todd Walden
    Public Relations, Advertising & Social Media Consultant

Featured Expert

Follow Us

We invite you to follow us on Facebook, LinkedIn, Twitter and YouTube to stay up to date on the latest news, events and innovations that will help you face and solve your toughest challenges.

Do you want to reuse or translate content?

Just post a link to the entry and send us a quick note so we can share your work. Thank you very much.

Our Global Community

Emerson Exchange 365

The opinions expressed here are the personal opinions of the authors. Content published here is not read or approved by Emerson before it is posted and does not necessarily represent the views and opinions of Emerson.

PHP Code Snippets Powered By : XYZScripts.com