The advent of easily deployable control and sensor technology has created a world where network-connected devices are prevalent in industry. This includes everything from facilities management systems (such as HVAC, lighting, and access control) to industrial process control systems on the factory or production floor, to life safety assurance, and to customer and inventory tracking. These operational technology (OT) platforms bring opportunities for smart analytics and machine learning, predictive maintenance, remote monitoring, and increased quality management. With those same technologies come risks of malicious outsiders, hacktivism and terrorism, employee sabotage, and malware/virus threats that have traditionally been a concern for the enterprise IT environment. The stakes are much higher in the OT environment, where a breach could impact life safety, manufacturing continuity, revenue, or facility usability.
Appropriate, risk-based cybersecurity for industrial Internet of Things (IIoT) and OT environments involves a complex mix of architecture, technical, and integration controls, as well as adaptation of traditional cybersecurity platforms for this emerging world. The skill set required spans the gamut of embedded and process control (IPC) hardware, industrial automation, control networks (SCADA, ModBus, etc.), and enterprise IT. Rule4 provides recognized experts in all of these realms to help your organization achieve an appropriately balanced approach for IIoT cybersecurity.
Rule4 also applies the ISO IEC 62443 and NIST SP 800-82 standards where they provide value as a framework to create a comprehensive protection model for your environment.