Showing posts with label OT/IT. Show all posts

Wednesday, 21 May 2025

Collaboration bridges the IT/OT divide.

Enhancing predictive insights and real-time monitoring to boost asset performance and operational visibility.

ABB and Red Hat have announced an extended collaboration to develop automation systems for the future of industrial IT, enabling more secure and modular deployment of control applications for process industries. The collaboration builds on ABB’s automation leadership and Red Hat’s industry-leading enterprise open source platforms, combining industrial innovation and digital capabilities – including data analytics and artificial intelligence – to help pave the way towards autonomous operations.

Their process automation system architecture consists of two interconnected yet distinct environments: a robust and secure control environment that helps ensure stable, real-time management of critical processes, and a digital environment designed for flexible and scalable introduction of digital solutions.

Previously, ABB and Red Hat collaborated on the digital environment infrastructure for a more rapid scalable deployment of advanced analytics, artificial intelligence and cloud-based applications, without disrupting core control operations. Now, the two companies are expanding their collaboration to include the control environment, delivering enhanced operational consistency and stability to meet the most demanding security and process requirements.

Built on Red Hat platforms such as Red Hat Device Edge and Red Hat OpenShift, this dual approach will allow customers to introduce innovations incrementally, protecting operational integrity and existing investments while maintaining high levels of cybersecurity. Additionally, Red Hat technologies provide a reliable and secure foundation for system lifecycle services within the process automation system.

“Ongoing industry collaboration is essential to shaping the future of automation. Together with Red Hat, we’re advancing modular, scalable solutions that align with global frameworks and deliver long-term value to customers across process industries,” said Stefan Basenach, Senior Vice President, Process Automation Technology, ABB. “The dual-layered architecture, built on open source platforms, creates a robust foundation for the industry to progress towards autonomous operations. We look forward to building on this momentum together as we continue to drive open, resilient and secure automation that supports industry both now and in the future.”

“This extended collaboration with ABB marks a significant milestone for the industry at large, as we empower manufacturers with the tools and solutions they need to transform to better meet the demands of today’s increasingly complex industrial landscape,” said Francis Chow, vice president and general manager, Red Hat In-Vehicle Operating System and Edge, Red Hat. “Red Hat platforms, including Red Hat Device Edge and Red Hat OpenShift, provide a durable and consistent foundation for process automation and industrial controls, helping to address the strict security and uptime requirements of industrial use cases. We look forward to continuing our work with ABB to deliver modern automation powered by open source technologies.”

Aligned with global industry standards and frameworks, ABB and Red Hat's collaboration supports secure adoption across multi-vendor environments, allowing customers to embrace digital transformation with greater confidence.



@ABBgroupnews @abb_automation @ABBMeasurement @RedHat #PAuto #AI

Tuesday, 24 September 2024

Secure routers ensure industry security.

When Operational Technology (OT) networks are converged with Information Technology (IT) networks without security-hardened industrial routers, they run the risk of cyber attacks. A secure router serves as the network's first line of defense, preventing threats from propagating throughout the enterprise.

To defend OT networks against malicious threats, Moxa has introduced its EDR-G9004 Series of multi-port secure routers for Ethernet-based security. These 4-port Gigabit all-in-one devices combine an embedded firewall, router, Network Address Translation (NAT), and Virtual Private Networking (VPN) that protect the integrity of OT infrastructure and critical devices. This level of security is critical in power substations, pump-and-treat systems in water stations, distributed control systems in oil and gas production, and PLC/SCADA systems in factory automation. Additionally, the Moxa EDR-G9004 Series is certified to EN 50121-4 standards for use in railway signaling and telecommunications equipment.

Advanced Cybersecurity.
The 2022 IBM Security X-Force Threat Intelligence Index reported that manufacturing is the most frequently attacked industry, representing 23% of security incursions worldwide. And according to the 2024 State of Operational Technology and Cybersecurity Report, 61% of all security breaches impacted OT systems.

Recognizing these ongoing threats, Moxa embedded the EDR-G9004 Series with a firewall that applies policy rules to control network traffic between trusted zones, along with a NAT shielding the internal network from unauthorized access by outside hosts. Leveraging the VPN further provides users with secure communication tunnels when accessing the private network from the public Internet. Additionally, the EDR-G9004 Series supports Deep Packet Inspection (DPI) to examine the data portion of network packets for various OT-specific protocols. The routers also leverage intelligent IPS functionality for continuous protection against cyberthreats using pattern-based detection that identifies and blocks known attacks.

Like all Moxa hardware, the EDR-G9004 Series is ruggedly engineered for harsh industrial environments. Wide-temperature models operate reliably in hazardous conditions and extreme temperatures of -40 up to 75°C. Moreover, the EDR-G9004 Series supports WAN, Layer 3 redundancy mechanisms, and Gen3 LAN Bypass fault tolerance, ensuring networks stay connected at all times.

The EDR-G9004 Series supports MX-ROS, Moxa's next-generation software platform for industrial security routers and firewalls, specifically designed for critical infrastructure OT and adhering to IEC 62443-4-2.


@Moxa_Europe @OConnellPR #PAuto #OT/IT #Cybersecurity

Friday, 23 August 2024

OT Cybersecurity Conference.

The Ireland Section of the International Society of Automation is holding the second OT Cybersecurity Conference in Mullingar* in November 2024. It is being organised in partnership with Cyber Ireland. Entitled Ensuring Continuous Compliance: Navigating NIS2 for Secure and Resilient OT Systems, it will concentrate on several current aspects including legal directives. A call for papers was released recently.

Delegates to the conference will be updated on the NIS2 Directive, which becomes law on 17th October 2024. NIS2 is the EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU, by modernising the existing legal framework to keep up with increased digitisation and an evolving cybersecurity threat landscape. It specifies cybersecurity requirements that need to be implemented by EU companies that are considered to be critical infrastructure.

They will also learn about the ISA/IEC 62443 OT Cybersecurity Standard and its application to Control & Automation, and how technology advances may affect industry. Practical case studies will be given of actual OT cybersecurity projects.

It will also be an opportunity to meet manufacturers, integrators and end users using OT cybersecurity.

L to R: ISA President, Patrick Bonner (C.E.O. Bonner) and Dónal Óg Cusack, Chair Cyber Ireland’s Operational Technology Cybersecurity Special Interest Group (Cybersecurity & Manufacturing Network Global Lead, DePuy Synthes) addressing last year's conference.

* Conference organised by ISA Ireland Section in partnership with Cyber Ireland.
Venue: Mullingar Park Hotel, Co. Westmeath N91 A4EP, Tuesday 19th of November 2024

• See also "IT and OT - a relationship?" (Sept 2023)

@IrelandISA @CyberIreland @ISA_EU @ISA_Automation @automation_com @ncsc_gov_ie  #PAuto #Cybersecurity #Ireland

Tuesday, 30 July 2024

IT and OT convergence.

Providing complete monitoring of IT infrastructure and operational technologies (OT) for business continuity, Centreon is foremost in confronting the challenges of IT and OT convergence.*

"At Centreon, we're noting a significant evolution in the importance of IT and OT convergence for businesses. This topic is strongly growing year after year. Our monitoring solutions help optimize the performance of these critical infrastructures, ensuring business continuity and enhanced security," said Julien Mathis, Centreon’s CEO. "We are committed to contributing to this new digital revolution by offering holistic visibility and helping our customers meet tomorrow’s challenges."

The market for OT (Operational Technologies) is experiencing steady growth. Valued at $175 (€162) billion in 2024, it is projected to reach $256 (€236.5) billion by 2030, with a compound annual growth rate (CAGR) of 6.5%, according to Prescient & Strategic Intelligence. The analyst notes, “the market is driven by the increasing emphasis on real-time data analysis and predictive maintenance, strategic initiatives by governments to promote OT adoption, and emergence of connected enterprises.” Operational Technologies (OT) are vital across various industries, including automotive, construction, energy, food and beverage, and oil and gas.

In an era of intense digitisation, the convergence of IT and OT has become an inevitable necessity. Infrastructures are evolving rapidly, transforming urban, industrial and service environments. Holistic visibility of these technological environments is critical. Whether managing factories, coordinating smart cities or monitoring logistics warehouses, the seamless integration and coordination of IT, OT and IoT elements is essential to anticipate challenges, optimize operations and ensure operational excellence.

Centreon can monitor non-IT devices, regardless of number or location, thanks to its catalogue of over 700 monitoring connectors. Centreon provides complete visibility into IT and OT infrastructure that is shared with all stakeholders, with operational and geographic views for rapid problem detection and resolution, and drastically reduced operational maintenance costs.

Concrete examples
Centreon effectively monitors a wide range of infrastructure worldwide. Examples include monitoring utility distribution: water, electricity, gas, heating energy, for a Swiss public utility organization; monitoring electricity distribution, traffic control and check-in terminals for a German airport; monitoring cold storage equipment temperature for a Japanese food company; monitoring accessibility and security of some sixty parking lots for a car park management company in Belgium; and monitoring digital radio transmission towers and infrastructure for a national radio station.


* Download the ebook: IT and OT convergence, connecting the physical and digital worlds.

@Centreon #PAuto #IT #OT

Monday, 24 June 2024

Template configuration for marine applications.

Emerson offers a free template configuration for marine applications, based on its Movicon.NExT™ HMI/SCADA system and its PACSystems™ edge controllers, industrial panel PCs, and other control and networking products. This marine demonstration configuration provides a comprehensive user visualisation and interface experience, and it is available free of charge so designers and shipbuilders can accelerate their efforts to deliver a thoroughly modern and unified “single pane of glass” shipboard monitoring and control system.

Marine industry vessels like superyachts and ships may encompass as much automation complexity as a factory or a small city. Monitoring and control requirements are diverse, including subsystems used for propulsion, power delivery, climate control, machinery health supervision, security, and more. However, functionality is typically fragmented, and integration efforts must employ various digital communication protocols and hardwired signals. Furthermore, any visualisation system must be designed for always-on operation, even under challenging marine conditions.

These superyacht and ship characteristics are remarkably similar to the conditions found in a typical manufacturing factory, so it makes sense that industrial-grade Emerson automation technologies are an ideal fit for robust shipboard monitoring and control. The marine demo runs on redundant edge controllers and industrial panel PCs, which is a proven architecture well-suited for reliable and resilient operation.

Emerson edge controllers incorporate operational technology (OT) communication protocols, and they are adaptable to specialized marine industry protocols, so all instruments, devices, and subsystems can be integrated. Information technology (IT) protocols are optimized for conveying a large amount of data efficiently to and among PCs, supporting historizing, alarming, visualization, and other functionality. A self-healing PROFINET ring for accessing remote I/O, and redundant IT switches and rings, ensure uninterrupted communications amongst all devices. Data security is addressed because the HMI/SCADA solution carries IEC 62443-3-3 certification.

The marine demo has been developed by Emerson with numerous sample dashboards and displays, following a modern aesthetic to deliver unprecedented amounts of information in a streamlined format. Examples of systems and equipment supported include propulsion and Marex controls, electrical power generation/management, valve controls and tank volumes, schematics, fire detection, exterior/navigational lighting, interior lighting, CCTV, HVAC, alarms, data logging, and more. Here is a video depicting the marine demo.

Digital transformation is being implemented throughout factories worldwide so users can experience better visualisation and gain access to valuable data-driven insights. These same technologies are coming to seagoing vessels, and industrial automation and HMI/SCADA platforms are a superior choice. The Emerson marine demo combines proven hardware, software, and networking—providing a wealth of sample displays and concepts, which marine developers can use as templates for accelerating their designs.


@Emerson_News @EmersonExchange @mepaxIntPR  #Marine #Automation

Friday, 29 September 2023

IT and OT - a relationship?

The recent annual national conference of Cyber|Ireland, the national cyber security cluster organisation that brings together Industry, Academia and Government to represent the needs of the Cyber Security Ecosystem in Ireland, was held in Galway city last week (27 September 2023).

Cybersecurity is of course on everybody's lips these days, particularly here in Ireland after the criminal attack on the health services systems in the midst of the COVID 19 emergency, forcing our already overburdened health professionals back to using pen and pencil as the Information Technology (IT) people struggled to bring the software systems up and running again. Many attending the conference were worried about this type of attack on their IT systems. Some were also interested in the workings of their factory, Operational Technology (OT), and how exposed they were to attack. This vulnerability can be, and usually is, very different to that of IT.

The day before the actual conference there were a number of special meetings examining various sectors affected in different ways by this ever-present threat of infiltration or disturbance, malicious (isn't it always?) or otherwise.

Automation professionals became acutely aware of a threat to their systems in July 2010 when we first heard the word Stuxnet. We first heard about it from an American pioneer in security, Eric Byres. Symantec's Liam Ó Murchú, one of the first to understand it, described his reaction, “Everything in it just made your hair stand up and go, this is something we need to look into.” The Signpost instituted a page as a guide to developments and articles on STUXNET, "the little varmint!" as Byres called it. This ran from July 2010 to 2013 and is still accessible.

Of course things have progressed since then and most, if not all, of the major process and manufacturing entities are aware of the threat and are taking steps to defend themselves. The International Society of Automation, the automation standards organisation, in particular sprang into action and quickly strengthened its security committee, developing over time the Cybersecurity Series of Standards now adopted by the IEC - ISA/IEC 62443.

Speakers at Cyber|Ireland OT Forum
LtoR: Damian White, Billy O'Connor, Ita O'Farrell, Dónal Óg Cusack, Eoin Byrne.

The OT Forum.

Cyber|Ireland, as one might expect, has established a special OT Security Special Interest Group, The Cyber Ireland OTSec SIG, under Dónal Óg Cusack (yes the hurler!) of DePuy Synthes as chair, with members from industry, vendors and other experts. One of the meetings was organised by this group. The introduction gave an interesting breakdown of the leading manufacturers/processes in the country and where they stand in the European marketplace (see slide reproduced above).

The first speaker, Ita O’Farrell, Head of Compliance, National Cyber Security Centre (NCSC), outlined the work of the NCSC, set up by the Government, and outlined the law and clarified those responsible or answerable. The political agreement (NIS2) was formally adopted by the European Parliament and then the European Council in November 2022. It entered into force in January. Member States now have until 17 October 2024 to transpose its measures into national law. The NCSC are expanding their services now to small and medium-sized enterprises (SMEs) through the development of an SME Cyber Security Document.

Dónal Óg Cusack introduced the OT Forum

Damian White, of DataLogiX Solutions, specialists in securing OT networks used by manufacturers and processes, stressed the importance of ensuring that management were aware of the importance and the very different challenges facing the production process in their factories.

The view of the user was presented by Johnson & Johnson's Billy O'Connor. Again he spoke of the importance of understanding the differences experienced from the IT perspective and the operators' integrity. There has always been a tension here and his final comment was humorous but emphasises the importance of dialogue. "The IT people are trying to break away from their relationship with OT and the OT didn't know that there was a relationship!"

Perhaps the real answer is communication and trust.

Cyber|Ireland OT Security Special Interest Group

@CyberIreland @ncsc_gov_ie @DataLogiX #CINC2023 #PAuto #Cybersecurity #Ireland

Wednesday, 2 August 2023

Mitigating increased cyber threats

Schneider Electric have launched a Managed Security Services (MSS) offering to help customers in operational technology (OT) environments address the increased cyber risk associated with the demand for remote access and connectivity technologies.


With the manufacturing industry reporting the highest share of cyberattacks in 2022, business owners increasingly recognize the need for innovative cybersecurity solutions to help minimize downtime, loss of intellectual property and other disruption caused by system vulnerabilities.  


Powered by Schneider Electric’s global Cybersecurity Connected Service Hub (CCSH), this new offering provides proven technologies as flexible services to monitor cyber threats and proactively respond on behalf of customers. Few companies, especially those in the OT space, have the specialized cybersecurity resources or expertise in house.  


“Managed Security Services will help our customers implement cybersecurity industry-leading practices, proactively address risk, and align to regulatory requirements, giving them the ability to focus on their core operations,” commented Jay Abdallah, Vice President of Cybersecurity Solutions and Services at Schneider Electric. “As part of our wide range of solutions to make organizations run more efficiently, this new cybersecurity offering is continuously evolving, helping to protect our customers against new cyber threats that can, and will, arise.” 


Schneider Electric is one of the few global MSS providers to integrate security monitoring and remediation support, defending digital infrastructures across all business types and industries. This MSS solution monitors known risks and protects networks, systems and data across IT, OT and cloud environments – each of which have specific protocols and attack vectors. This new service can help customers to reduce the risk of emerging threats and sophisticated attacks that these unique technical and operational environments face. 


As a vendor-agnostic solution, MSS fits into an organization’s existing IT/OT infrastructure, scaling to their budget and maturity. Backed by advanced machine learning capabilities and trend analysis, MSS continuously optimizes processes and addresses real-time threats. The services include 24/7/365 support through Schneider Electric’s CCSH, with a global engineering and support team available around the clock.  




@SchneiderElec @teamlewisglobal #PAuto #cybersecurity

Thursday, 11 August 2022

Managing complex system architectures in OT/IT integration.

Softing offers a flexible, container-based solution for managing complex system architectures in OT/IT integration all the way to edge and cloud applications with their new edgeAggregator.

Data exchange plays a particularly important role in the integration of production and management levels up to edge and cloud applications. Even with a small number of servers and clients, the architecture becomes very complex. With the new edgeAggregator, Softing provides a central data integration layer that reduces complexity while addressing the large number of variables as well as managing access rights and special security requirements.

The edgeAggregator has three key functions:

  1. As an OPC UA aggregation server, it handles the aggregation of up to 100 OPC UA servers and supports up to 25 OPC UA server endpoints.
  2. As an IoT cloud gateway, it handles bidirectional data transmission with cloud applications via MQTT Publisher/Subscriber functionality.
  3. As Security Supervisor, it is responsible for the central management of the security parameters of the OPC UA and MQTT connections, such as users and certificates, and acts as an "OPC UA Firewall" for protection against attacks.

As a Docker container, edgeAggregator can be easily configured and deployed as an edge solution or with central cloud platforms. The interface abstraction of edgeAggregator allows continuous adaptation and scaling of IoT solutions based on OPC UA and MQTT throughout the entire lifecycle. Users thus gain a high degree of flexibility while significantly reducing integration and configuration costs.

@SoftingIA @mepaxIntPR #PAuto 

Monday, 25 April 2022

What’s Next for IIoT Device Connectivity?

The Industrial Internet of Things (IIoT) has not only blurred the lines between OT and IT disciplines, but also led to the increasing prevalence of large-scale and highly distributed applications where field devices are dispersed over a wide area and need to communicate directly with remote servers. This means that where the data is going to and from, how all the different devices are managed, and keeping your data safe matter even more than before. In this article, Moxa provides three expert tips to keep in mind for selecting device connectivity solutions that can meet the demanding requirements of large-scale and highly distributed IIoT applications in the connected world.

With widespread adoption of the IIoT, the traditional boundaries between OT and IT in industrial automation are becoming blurred. (Image: Moxa)

Know Where Your Data Goes
Large-scale and highly distributed IIoT applications need to collect data from many different sites. Just imagine all the wellheads in a typical oil-drilling application that could be spread out over a massive desert. All the data from each wellhead not only needs to be collected and constantly monitored and controlled from afar, but also needs to be sent somewhere to process all the digital bits of information into human-readable insights. You could deploy an edge computer at each field site to collect, locally preprocess, and transmit your data to a remote server for more advanced analysis. However, some applications may only need to enable connectivity and be able to sufficiently process their data on a cloud server.

Using connectivity devices at each IIoT field site to transmit your OT data to a remote server could save you time, effort, and costs. That is because many distributed applications, such as oil drilling, only require collecting relatively small amounts of data from each field site, so the costs and programming effort associated with deploying edge computers at multiple locations may not be justified. Instead, connectivity devices can usually do the trick and be more cost-effective and efficient too.

You’ll also want to consider the type of remote server you’re working with. For private servers, MQTT is one of the most commonly used protocols to bridge the data between OT and IT systems. As for public cloud servers, such as Microsoft Azure, Amazon Web Services (AWS), or Google Cloud, each service provider has its own methods and protocols for collecting data. Before you choose your connectivity devices, you should know (or decide) whether your applications use private or public servers, and then find the connectivity devices that support related protocols or SDKs to save you time and money in the development stage.

Stay on Top of Device Management
When you finally get all your field devices with multiple communication interfaces connected, another big question arises. How do you manage dozens or hundreds of different kinds of connectivity devices? During your daily operations, you need to monitor your connectivity devices to keep them up-to-date with the latest firmware and minimize unauthorized access and potential intrusions by updating device logon credentials for every user. Such tasks might not be an issue when there are only a few devices and one type of connectivity device. However, it can be a huge burden if dozens of different kinds of connectivity devices are used in your IIoT application.

Having a software tool or utility that can help you manage large amounts of different kinds of connectivity devices can make daily operation much easier. With the lines between the IT and OT worlds becoming increasingly blurry in the IIoT era, management tools need to be flexible enough to serve users from both domains. Besides mass device management capabilities, the connectivity device you choose should have both a GUI for OT users and CLI for IT users to optimize IIoT system maintenance.

As Always, Cybersecurity Matters
The diversity of end devices in industrial field sites, distributed architectures, and legacy systems increases the security risk of your IIoT applications because most of these devices are not designed with cybersecurity in mind. As a result, it is essential to select connectivity solutions with built-in security features to place in front of your end devices. But with so many connectivity solutions on the market to fulfill the communication demands of different edge devices, how can you ensure your field data is well protected? Enter the IEC 62443 standard, a set of global security guidelines that list specific security requirements for device manufacturers to follow to ensure the device you choose meets the latest cybersecurity standards.

When you choose a connectivity device, use the following checklist to make sure the devices support sufficient security features and allow you to define and control user access to your IIoT applications.

  • Identify and control who can log on to devices
  • Increase password complexity to enhance access control
  • Verify authorized devices before the devices gain access to the network and communicate with other devices
  • Encrypt confidential serial interface data on the network to ensure data integrity
  • Encrypt configuration data to increase confidentiality
  • Select device vendors that respond quickly to and fix reported vulnerabilities

Keep the above three tips in mind so that enabling device connectivity for your IIoT applications can be easier, more secure, and more efficient. To help you get started, Moxa has developed a series of device connectivity solutions, including serial device servers, protocol gateways, and remote I/O devices, that are capable of connecting your field data to private or public servers securely and efficiently. 

 @MoxaInc @OConnell_PR #PAuto #Communications

Wednesday, 6 April 2022

OT/IT - reducing network security concerns.

With increasing demand to integrate Operational Technology and Information Technology (OT/IT), data security is at the forefront of concerns. In fact, according to an IDC survey, security is regarded as the number one barrier to OT/IT integration today.

This Article by Liam Cheng, Product Manager, Moxa

When integrating OT and IT systems from traditionally closed to open data systems, problems arise when unwanted access is given to an organization’s private operation data. To safely integrate unconnected legacy systems, these 10 tips from Moxa should help to reduce network security concerns.

Tip 1: Change default passwords for networking devices
Because legacy systems are connected through networking devices, the first thing to do is replace default passwords. The security strength of default passwords is usually low and easy to find in a public user manual. Don’t take this risk when you can easily prevent it.

Tip 2: Disable unused yet connected ports and services
When deploying a networking device, some unused ports or unnecessary services may open the door to cyberthreats in an application. Disable these ports and services to block the available paths to unwanted access.

Tip 3: Verify firmware source before update
When networking devices require a firmware update, make sure there is a mechanism to verify the firmware source. Checking the CRC code is one way to ensure the firmware comes from the original source. Another way to verify the firmware source is through secure boot design, a feature that ensures the integrity of firmware running on a platform.
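
The checks in Tip 3 do different jobs, which this added example (not code from Moxa or the original article) makes concrete: a CRC stored with the image catches transfer corruption, but only a cryptographic digest obtained separately from the image detects a deliberately altered, re-packaged file. The package layout (image plus 4-byte CRC32 trailer), the function names and the sample bytes are assumptions constructed for illustration.

```python
import hashlib
import hmac
import io
import struct
import zlib
from dataclasses import dataclass

# Hypothetical package layout for this example: image bytes followed by a
# 4-byte big-endian CRC32 trailer. Real vendor formats differ.
TRAILER = struct.Struct(">I")


@dataclass(frozen=True)
class Verdict:
    crc_ok: bool      # image matches the CRC32 shipped inside the package
    digest_ok: bool   # image matches the SHA-256 obtained out-of-band

    @property
    def install(self) -> bool:
        return self.crc_ok and self.digest_ok


def pack(image: bytes) -> bytes:
    """Build a package; anyone holding an image can do this, vendor or not."""
    return image + TRAILER.pack(zlib.crc32(image) & 0xFFFFFFFF)


def verify(package: bytes, pinned_sha256: str, chunk_size: int = 4096) -> Verdict:
    """Check a package against its own trailer and against a pinned digest."""
    if len(package) <= TRAILER.size:
        return Verdict(crc_ok=False, digest_ok=False)
    (bundled_crc,) = TRAILER.unpack(package[-TRAILER.size:])
    stream = io.BytesIO(package[:-TRAILER.size])
    crc, sha = 0, hashlib.sha256()
    # Read in chunks, as one would for a large image file on disk.
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        crc = zlib.crc32(chunk, crc)
        sha.update(chunk)
    expected = pinned_sha256.strip().lower()
    return Verdict(
        crc_ok=(crc & 0xFFFFFFFF) == bundled_crc,
        digest_ok=hmac.compare_digest(sha.hexdigest(), expected),
    )


def demo() -> dict:
    # Constructed sample data, not a real firmware image.
    genuine_image = b"FWIMG v1.2.0 " + bytes(range(256)) * 64
    # Assumption: the reference digest reaches the operator through a channel
    # separate from the download itself.
    pinned = hashlib.sha256(genuine_image).hexdigest()

    genuine = pack(genuine_image)
    # Transfer error: one bit flipped in transit.
    corrupted = bytearray(genuine)
    corrupted[100] ^= 0x01
    # Altered image re-packaged with a freshly computed, self-consistent CRC.
    repackaged = pack(genuine_image.replace(b"v1.2.0", b"v1.2.1"))

    return {
        "genuine": verify(genuine, pinned),
        "corrupted": verify(bytes(corrupted), pinned),
        "repackaged": verify(repackaged, pinned),
    }


if __name__ == "__main__":
    for name, v in demo().items():
        print(f"{name:10s} crc_ok={v.crc_ok!s:5s} digest_ok={v.digest_ok!s:5s} install={v.install}")
```

The re-packaged image passes its own CRC and is rejected only by the pinned digest, so the reference value has to come from somewhere other than the package being checked.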

Tip 4: Use secure communication protocols
It’s important to use a secure protocol (e.g., TLS 1.2 support in HTTPS and SNMPv3) for connected legacy systems. It can reduce the chances of unwanted access while managing networking devices, and it can enhance data integrity while transmitting data. Also, when deploying networking devices, disable unsecure protocols to minimize the chances of a manual error.

Tip 5: Only allow authorized users to access devices and network
Prioritize critical assets and validate network segmentation so there is a clearer picture about what authority can be granted to what specific segment. Furthermore, deploy trust-listing, such as listing only permitted IP addresses, to keep unwanted access out of legacy systems. Other advanced functions are also available to limit unwanted access. For example, define a specific protocol format or command that can access devices and network.
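
One way the two controls in Tip 5 combine, shown as an added example that is not code from Moxa or the original article: a trust list of source addresses plus a filter on which protocol commands may reach the device. Modbus/TCP is chosen here as an assumption (the article names no protocol), and the policy values, addresses and frames are constructed for illustration.

```python
import ipaddress
import struct
from dataclasses import dataclass

MBAP = struct.Struct(">HHHB")   # transaction id, protocol id, length, unit id
MAX_ADU = 260                   # 7-byte MBAP header + 253-byte PDU
READ_ONLY = frozenset({0x01, 0x02, 0x03, 0x04})  # read coils/inputs/registers


@dataclass(frozen=True)
class Policy:
    sources: tuple             # networks allowed to talk to the device
    unit_ids: frozenset        # Modbus unit identifiers behind the gateway
    function_codes: frozenset  # commands that may pass


def parse_request(frame: bytes):
    """Return (unit_id, function_code); raise ValueError if malformed."""
    if len(frame) < MBAP.size + 1:
        raise ValueError("shorter than MBAP header plus function code")
    if len(frame) > MAX_ADU:
        raise ValueError("longer than the maximum Modbus/TCP frame")
    _tid, proto, length, unit = MBAP.unpack(frame[:MBAP.size])
    if proto != 0:
        raise ValueError("protocol identifier is not 0")
    # The length field counts the unit id and everything after it.
    if length != len(frame) - 6:
        raise ValueError("length field disagrees with frame size")
    return unit, frame[MBAP.size]


def evaluate(policy: Policy, src_ip: str, frame: bytes):
    """Return (allowed, reason) for one request; anything unclear is denied."""
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return False, "invalid source address"
    if not any(addr in net for net in policy.sources):
        return False, "source not on trust list"
    try:
        unit, code = parse_request(frame)
    except ValueError as exc:
        return False, f"malformed frame: {exc}"
    if unit not in policy.unit_ids:
        return False, f"unit id {unit} not permitted"
    if code not in policy.function_codes:
        return False, f"function code 0x{code:02X} not permitted"
    return True, "permitted"


def request(unit: int, code: int, address: int, value: int) -> bytes:
    """Build a constructed 12-byte request (transaction id fixed at 1)."""
    return struct.pack(">HHHBBHH", 1, 0, 6, unit, code, address, value)


# Constructed policy: one engineering subnet may read from unit 1, nothing else.
POLICY = Policy(
    sources=(ipaddress.ip_network("10.20.0.0/28"),),
    unit_ids=frozenset({1}),
    function_codes=READ_ONLY,
)
READ_HOLDING = request(1, 0x03, 0, 10)     # read 10 holding registers
WRITE_SINGLE = request(1, 0x06, 0, 1234)   # write one holding register

if __name__ == "__main__":
    samples = [
        ("10.20.0.5", READ_HOLDING),
        ("10.20.0.5", WRITE_SINGLE),
        ("192.0.2.44", READ_HOLDING),
        ("10.20.0.5", READ_HOLDING[:9]),   # truncated frame
    ]
    for src, frame in samples:
        print(src, frame.hex(), evaluate(POLICY, src, frame))
```

Malformed frames are denied rather than passed through, so a parser disagreement between the filter and the end device cannot be used to slip a command past the policy.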

Tip 6: Encrypt critical data before transmissions
In OT environments, critical data leakage can cause operation downtime, thus impacting operational efficiency. For connected legacy systems, encrypt critical data during transmissions to enhance data confidentiality and reduce the chances of negatively impacting daily operation.

Tip 7: Constantly monitor if networking devices are at the desired security level
When the legacy systems are connected, define the security measures based on the application’s demands so that networking devices can easily be monitored and managed. When the system networks are up and running, constantly monitor whether the security status of devices meets the requirements defined from the onset.

Tip 8: Periodically scan vulnerabilities for potential threats
It’s essential to know what potential threats legacy systems are facing. Scheduling a vulnerability scan periodically gives a better idea of the security status of the overall system, helping users take necessary actions when needed.

Tip 9: Perform security patches for networking devices to reduce vulnerabilities
We all know that security patching is important. However, it is not always easy in field sites. From a business perspective, it can lead to tremendous costs when operations are paused to test and perform patches. On the other hand, risks and costs are also involved by doing nothing about it. A more sustainable approach is finding a balance midway by performing acceptable batches of security patching for critical field systems.

Tip 10: Use virtual patching for known vulnerability of legacy systems
In certain situations, security patching is not an option. Furthermore, some legacy systems are not able to perform patching. For these types of situations, virtual patching is an efficient alternative. Deploy the virtual patch in the network connected to legacy systems to eliminate known vulnerabilities and protect the devices against certain exploits. Virtual patching is also a good way to reserve a buffer time while the system is waiting for the next maintenance period to get patched.

@MoxaInc @OConnellPR #PAuto #Manufacturing