Rockwell Automation is a leader in industrial automation and digital transformation. The company is committed to enabling the next generation of smart manufacturing. Pulse 2.0 interviewed Rockwell Automation Senior Network & Security Solution Consultant Ahmik Hindman to learn more about the company.
Pulse 2.0 (Amit): Could you tell me more about your background and your primary responsibilities at Rockwell Automation?
Rockwell Automation (Ahmik): I am a Senior Network & Solution Consultant at Rockwell Automation and have worked on industrial control systems (ICS) for over 28 years, with the past five years focusing on IACS networks and cybersecurity. I hold a BS EE, MBA-IT, CISSP, CCSP, CCNA, Security+, NSE 3, and 4 ISA/IEC 62443 cybersecurity certifications earning the distinction of ISA/IEC 63443 Expert.
I am passionate about educating the next generation of Cybersecurity Professionals and serve as the Chair for the Idaho State University ESTEC Industrial Cybersecurity Engineering Technology Advisory Committee. I also volunteer as a judge for First Robotics and Future Business Leaders of America (FBLA).
Pulse 2.0 (Amit): What are your primary responsibilities at Rockwell?
Rockwell Automation (Ahmik): I work closely with key stakeholders within the organizations, from Engineering Managers, Security Architects, IT Managers, CISO’s to CTO’s ensuring that Rockwell Automation’s products and solutions align with the business goals and objectives.
Pulse 2.0 (Amit): Have you faced any challenges in your sector of work recently?
Rockwell Automation (Ahmik): One of the challenges I often focus on is educating customers on cybersecurity strategies, and helping unearth vulnerabilities they may not be aware of. Frequently, unpatched software and legacy machinery are the silent dangers of industrial manufacturing, often being overlooked for the sake of convenience. Every day, countless systems sit vulnerably, riddled with unpatched security holes, exposing assets to constant cyber threats, with devastating consequences for data, finances, and reputation should the attackers succeed.
To ensure robust cybersecurity, manufacturers must evaluate the cybersecurity risk, which includes looking at any existing mitigating controls, network ingress/egress access, asset maturity, security capability controls within that asset and known vulnerabilities associated with the asset. Then reevaluate the risk with the planned security controls and present this to management to see if the residual risk is tolerable.
Layered security measures such as network segmentation, access controls and threat detection solutions are essential to build resilient cybersecurity infrastructure. This process, although challenging, is essential to protect valuable assets, maintain business continuity and safeguard consumer trust.
Pulse 2.0 (Amit): What is unpatched software and why is it dangerous?
Rockwell Automation (Ahmik): The rate of unfixed ICS flaws rose from 13% to about 34% during the first half of 2023. Unpatched software refers to any software program that hasn’t been updated with its latest security fixes, also known as patches. These fixes address vulnerabilities discovered in the software code that hackers can exploit to gain access to your systems. For industrial companies, the dangers of unpatched software are amplified due to the sensitive nature of their operations and data. Unpatched software exposes companies to cyberattacks, compliance issues, reputational damage, and financial losses.
Pulse 2.0 (Amit): How do cybercriminals find and exploit vulnerabilities in unpatched software?
Rockwell Automation (Ahmik): Unpatched software is a prime vantage point for cyberattacks, with threat actors treating them like open doors into a company’s network. For some of these assets, it may have been years since they were updated with the appropriate security protocols. Cyber attackers use automated tools and manual research to find vulnerabilities, from public databases to reverse engineering. Their goals range from stealing data for ransom to causing disruption, using techniques like phishing emails and malicious websites. Industrial companies can shield themselves by promptly patching software, conducting regular assessments, training employees, segmenting networks, and staying informed about emerging threats. Remember, a patch management strategy is crucial to avoid becoming an easy target and facing potential financial, legal and safety consequences.
Pulse 2.0 (Amit): Are there any benefits to delaying software updates (other than convenience)?
Rockwell Automation (Ahmik): Delaying software updates exposes companies to risks and undermines the very purpose of the update itself. While some patch updates may occasionally cause inconvenience through downtime, the benefits of applying patches usually outweigh the risks and disadvantages of postponing them. Modern software update mechanisms often offer options like scheduling automatic updates at convenient times or choosing incremental updates that minimize disruption.
Pulse 2.0 (Amit): What steps can individuals and businesses take to stay updated on software patches?
Rockwell Automation (Ahmik): For manufacturers, the cornerstone of robust cybersecurity lies in understanding their most valuable assets. Pinpointing the critical components—those whose failure would significantly disrupt operations—is paramount. This targeted strategy ensures resources are concentrated where they are needed most, strengthening defenses against cyber threats, and reducing the impact of any potential breaches. It is akin to fortifying the core of a castle, safeguarding the heart of your manufacturing operations.
Adhere to an established patch management protocol that employs a unified method for risk assessment and leverages standards like the Common Vulnerability Scoring System (CVSS) and/or the Stakeholder-Specific Vulnerability Categorization (SSVC) process. This approach aids in prioritizing patches effectively, ensuring critical vulnerabilities are addressed promptly.
Pulse 2.0 (Amit): Are there any resources available to help people understand and manage software updates?
Rockwell Automation (Ahmik): 1.) Don’t navigate industrial cybersecurity alone: Partnering with cybersecurity experts can significantly boost your organization’s defenses. Experts can tailor recommendations, designs, and implementation to match your company’s specific risk tolerance and needs.
2.) Proactive, holistic security solutions: Consider comprehensive cybersecurity services that encompass a proactive approach across IT and OT environments. This should include identifying critical assets and risks, continuous monitoring for improved visibility and threat detection, and planning for response and recovery.
3.) Simplify compliance and industry expertise: Seek solutions that comply with relevant industry standards to ensure effective risk management and data protection. Choose between project-based deployments or continuous monitoring from experienced security professionals. Companies should select solutions that offer industry-leading threat detection and response capabilities.
Pulse 2.0 (Amit): Can you share any specific customer success stories?
Rockwell Automation (Ahmik): A Fortune 500 food manufacturer, entangled in years of acquisitions, lacked visibility into its vast IT and OT network. This created a blind spot for cyberattacks until they partnered with Rockwell Automation. By deploying a centralized threat detection system across its 46 sites, the company gained a clear picture of its assets and continuous threat monitoring, acting like a “watchful eye” across its network. This helped the company not only understand its vulnerabilities but also stay ahead of threats and secure its vast operations. This case highlights the crucial role of IT/OT convergence visibility in smart manufacturing, as hidden assets can become expensive targets.
Pulse 2.0 (Amit): What differentiates the company’s products from its competition?
Rockwell Automation (Ahmik): With over 100 years of manufacturing expertise, Rockwell Automation serves customers like Summer Garden Foods, Lockheed Martin, and Eli Lilly, in over 100 countries. Rockwell Automation delivers unrivaled OT cybersecurity with a combination of specialized in-house cybersecurity expertise and world-class partnerships that are critical to secure operations. Rockwell Automation provides a deep understanding of the unique vulnerabilities and attack vectors in OT cybersecurity. The company provides OT-specific frameworks and best practices that are tailored to its customers. Its competitors also offer OT security services, however, their businesses revolve around broader IT cybersecurity infrastructure and building automation.