Industrial Automation Manufacturers Acquiring Cybersecurity Firms to Enhance Protection
The Trend of Acquisitions
Manufacturers of industrial automation and control systems are intensifying their efforts to bolster cybersecurity by acquiring specialized firms in the field. This week, Rockwell Automation announced its agreement to purchase Verve Industrial Protection, a cybersecurity software and services company. The acquisition will see Verve become part of Rockwell’s Lifecycle Services division. This move follows Honeywell’s commitment in July to acquire SCADAfence, an operational technology and IoT security firm, in order to gain asset discovery and threat detection capabilities. Siemens also recently announced its partnership with Tenable on an all-in-one testing suite for industrial networks, with plans to incorporate more third-party tools in the future. These acquisitions and partnerships are aimed at addressing the cybersecurity vulnerabilities in industrial control systems (ICS) and the industrial Internet of Things (IIoT).
The Motivation Behind Acquisitions
The increasing urgency for cybersecurity services in the industrial sector stems from several factors. First, end-user clients of original equipment manufacturers (OEMs) have become vocal about purchasing multimillion-dollar assets that are riddled with vulnerabilities and misconfigurations. As a result, they often have to pay substantial support service fees to rectify these issues downstream. Second, large ICS vendors like Honeywell, Siemens, and Rockwell are looking to create additional sales channels by offering cybersecurity products and services. This strategic move could prove lucrative for manufacturers, but its success is yet to be determined, especially during challenging times.
The Escalating Threat Landscape
Increase in Attacks Targeting ICS and IIoT
The recent acquisition announcements coincide with a rise in cyberattacks targeting industrial control systems and the industrial Internet of Things. Notably, the attack on Colonial Pipeline’s information systems in May 2021 led to the shutdown of pipelines, resulting in a fuel shortage along the East Coast of the United States. Additionally, a report by Rockwell Automation revealed that 77% of attacks on critical infrastructure originated from state-affiliated actors and organized criminal groups. The energy sector bore the brunt of these attacks, accounting for 39%, while critical manufacturing, transportation, and nuclear sectors each accounted for around 10% of the attacks.
Targeted Malware and Vulnerabilities
Attackers are increasingly employing tailored malware to exploit industrial automation and safety equipment. Meanwhile, defenders are struggling to cope with a growing number of disclosed vulnerabilities in industrial cyber-physical systems. Rockwell Automation’s report highlights that the majority (84%) of attacks have occurred through IT networks, with only 14% initially infecting an OT (Operational Technology) device. To tackle this threat landscape effectively, operators of industrial systems need to have clear visibility into their OT and IT networks, identify vulnerable devices, and prioritize patching.
Security Challenges in Industrial Automation
Visibility and Legacy Equipment
The Rockwell-Verve merger aims to tackle the lack of visibility into devices and equipment deployed in operational networks within the industrial control system and automation industries. Patching equipment with lifecycles spanning decades poses a complex problem when dealing with software that has lifecycles of only a few years. Rockwell Automation has made strides in addressing this challenge by implementing signed firmware and supporting CIP Security for defense-in-depth, leveraging device identification and authentication using certificates. However, industrial automation providers still need to improve further before customers will trust them to prioritize security over profit.
Unproven Role of ICS Vendors in Security
Despite these advancements, it remains uncertain whether asset owners will trust ICS vendors to be transparent about risks, especially when that transparency reflects poorly on their own systems or positively on a competitor. Therefore, the potential for ICS vendors to serve as channels for ICS security products and services is still unproven.
Conclusion and Recommendations
Emphasizing Asset-Centric Security Approaches
The acquisitions made by industrial automation manufacturers demonstrate their commitment to addressing cybersecurity vulnerabilities in industrial control systems. Moving forward, a shift from a network-centric view of security to an asset-centric one is crucial. This means understanding the assets within OT and IT networks, identifying vulnerabilities, and implementing comprehensive patching strategies.
The Need for Collaboration and Transparency
Given the complex challenges in securing industrial automation, collaboration between manufacturers, cybersecurity firms, and asset owners is vital. ICS vendors must be transparent about risks and actively work towards improving security measures, even if it means acknowledging their own shortcomings. By prioritizing collaboration and transparency, the industrial automation industry can establish trust with its customers and enhance cybersecurity across critical infrastructure.
Promoting Research and Development
To stay ahead of evolving threats, continued investment in research and development is crucial. Industrial automation manufacturers should allocate resources to identify and address emerging vulnerabilities and develop innovative solutions. Moreover, fostering partnerships with specialized cybersecurity firms and third-party testing tool providers can help facilitate comprehensive security assessments and mitigate potential risks.
Regulatory Support and Compliance
Regulatory bodies should play a role in setting clear cybersecurity standards for industrial automation manufacturers. By establishing requirements and guidelines, regulators can ensure that cybersecurity measures are consistently applied across the industry. Compliance with these standards will provide assurance to asset owners and increase the overall security posture of industrial control systems.
In conclusion, the increasing focus on cybersecurity in the industrial automation sector through acquisitions and partnerships demonstrates a recognition of the evolving threat landscape. However, addressing the inherent challenges, unifying stakeholders, and building trust with customers will be essential for the success of these initiatives. With continued commitment and collaboration, the industrial automation industry can strengthen its defenses and protect critical infrastructure from cyber threats.