Rockwell Automation brings SecureOT to industrial systems
Operational technology is the engine room of industry. It's what keeps mining operations running, ensures our energy supply and maintains manufacturing plants ticking along at maximum efficiency. And that makes them a significant target for criminals intent on causing disruption to critical systems.
In its most recent report, the Australian Cyber Security Centre reported an 11% increase in the number of attacks focussed on critical systems. Simon Cox, the Sales Manager - Cybersecurity for APAC at Rockwell Automation, says the company's longevity in this industry is key to its cybersecurity offerings.
"We're the biggest company in the world that's solely focused on industrial automation and digital transformation", Simon says. "We have end-to-end IT and OT cybersecurity services, and we're deeply embedded into the industrial environments we work in every day. We understand control systems. That's our bread and butter - it's what we do every day. We understand safety, uptime and production risks."
Rockwell Automation's global footprint covers a wide range of verticals ranging from life sciences to electric vehicle batteries, mining, utilities, and food and beverage. That experience in OT is critical and sits at the heart of Rockwell Automation's SecureOT service. SecureOT is backed with security and network operations centres operating 24/7 around the world. That's supported by an experienced Governance, Risk and Compliance practice and a team of OT security experts.
"While there are similarities between IT and OT security, there are some significant differences. IT focuses on confidentiality, integrity, and availability but OT prioritises safety and availability. You can't patch an OT system or reboot the systems because that affects production and can put people into unsafe situations. You can't apply an IT patch for a PLC because you could stop the plant or compromise someone's safety," he says.
There have been significant changes to the way security around OT is seen. The Security of Critical Infrastructure Act 2018 (SOCI Act) put OT security on the board agenda with executives now having greater legislated accountability. While previous advice from government was supportive, it's moved to a more enforcement-based regime in Simon's view. And that's leading to a change in how resilience is being viewed.
In the past, OT system resilience was focused mainly on managing physical equipment and avoiding hardware failures. And, architecturally, many OT networks were flat with little segmentation. But as those systems have become more connected, there is a shift in progress. Other issues that Simon sees are unmanaged remote access and a lack of system logging.
"There's often poor visibility of who is accessing systems and what they are doing," Simon adds.
When it comes to how well Australia is doing when it comes to OT resilience and security, Simon is quite upbeat although he says there is room for improvement.
"In some cases we're relatively mature compared to our global peers. We're definitely seeing that in the utility space and in mining. But the execution varies across different verticals and across different tiers of customers within those verticals. The tier one miners are very, very good. But then as you go down to tier two, there's less focus. When we compare ourselves to Europe and North America, Australia is pretty strong with a safety culture but I think we're still catching up when it comes to OT cybersecurity as a whole."
Part of the challenge, he says, comes down to budget. But awareness and visibility of what's connected on site is an issue. In many cases, Simon says the number of vulnerabilities has increased over time as more remote access is granted but not properly managed or monitored. He also thinks there's a perception that our long distance from much of the current geopolitical unrest gives rise to a false sense of security.
The IT world has been grappling with cybersecurity challenges for close to four decades, but it is a relatively new concern from OT systems. And when IT cybersecurity experts try to work with their OT partners, there can be misunderstandings.
"I think the biggest challenges we've seen has been the convergence of the IT layer and the OT layer, but there isn't a common language. There's always a bit of a battle going on between IT and OT. I think, is really one of the biggest things we've seen. There are also skill shortages, lots of ageing assets and, often, people don't like spending money so as long as it's working. And I think there's a fear of disrupting production," explains Simon.
Part of that comes from a culture mismatch but Simon believes bridging the gap between IT and OT is one of the best things that Rockwell Automation can do.
Addressing the new risks being faced by OT system operators starts with discovery in Simon's view. An architecture review helps to understand how everything works and fits together. From there, it's possible to build a roadmap that aligns safety, uptime, and the regulatory obligations including ones they may not be aware of.
"That helps them understand where to invest for maximum benefit and helps to establish executive accountability," Simon says.
The stakes for OT security have never been higher. By starting with thorough discovery, mapping architectures, and aligning security investments with safety, uptime, and compliance, Australian operators can turn blind spots into strategic assets. This is not just about new tools, but a cultural shift that treats cyber resilience as integral to industrial resilience, ensuring systems are not only run for profit but for the safety of all who depend on them.