Wesco is a world leader in electrical, communications, utility distribution and supply chain services and a member of the Rockwell Automation Partner Network programme. The company is not a typical ‘parts and pieces’ electrical distributor. For more than a century, it has been guided by an innovative instinct to serve the customer first by developing solutions that satisfy complex, everyday challenges.
Recently, the company put that philosophy into practice by expanding their cybersecurity capabilities. To build their cybersecurity portfolio, Wesco turned to two Rockwell Automation offerings, a security posture survey and threat detection services.
Opportunity presents itself
In late 2021, a food supplier approached Wesco with a challenge. The manufacturer was acutely aware of the growing and evolving cyberthreats targeted at food and beverage companies, and had experienced a cybersecurity incident on their own IT network.
While that incident was quickly contained and did not impact production, the company was now taking proactive steps to better mitigate their risk. To that end, they had engaged an organisation to help analyse their security posture on the IT network. However, the food company still lacked expertise in plant networks and turned to Wesco for an assessment regarding the OT side of their operation.
In particular, the manufacturer hoped to identify all assets across the industrial control system (ICS) and uncover any vulnerabilities. Then, they planned to deploy a cybersecurity program aligned with the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
Wesco recommended an approach that followed Rockwell Automation methodology, beginning with a security posture survey, the critical first step to deploying an actionable plan for remediation. The survey provides detailed information to assess and prioritise OT security risk through an asset inventory, and establishes a baseline for network traffic and abnormality detection.
Stepping through the process
As an Authorised Rockwell Automation Service Provider, Wesco delivered the security posture survey directly to their customer.
Typically, the survey begins with a kick-off call followed by data collection, which can be completed in an eight-hour workday on site. Data is analysed remotely and two reports are generated: a critical findings report and a comprehensive report.
The critical findings report itemises vulnerabilities that impact critical devices. These devices could result in a major shutdown if compromised. The report also rates the vulnerabilities on a scale from zero to ten, with ten being the most critical. This customer’s report included multiple pages documenting significant security gaps.
In line with NIST guidance, the food company applied a defense-in-depth cybersecurity strategy. The strategy comprises network segmentation and multiple layers of protection, including Rockwell Automation threat detection services featuring Cisco Cyber Vision. Cisco is a Rockwell Automation Strategic Alliance Partner.
Cisco Cyber Vision leverages a unique edge computing architecture that monitors industrial networks and aggregates data with embedded sensors in select Cisco networking equipment. As a result, no additional network resources are required. Cyber Vision also enables security monitoring components to run within certain models of Allen Bradley Stratix 5800 managed industrial Ethernet switches.
Success builds
Currently, the food company is monitoring the threat detection services internally and is pleased with the results. Because the customer is so confident in the system’s capabilities, they asked Wesco to implement the same solution at two additional manufacturing facilities.
In 2022, Wesco received the Rockwell Automation Partner Network Award for Innovation based on the successful threat detection implementation. But the company was just getting started. In 2023, Wesco was again recognised for innovation for a solution in the cybersecurity space.
The latest award was for a critical infrastructure project with a municipal water utility, which engaged Wesco to conduct a network health check across twelve water and wastewater plants. Wesco uncovered more than 500 vulnerabilities on the network, plus a physical vulnerability. Based on the findings, the utility chose to accelerate the timeline for their planned system upgrade, with Wesco taking the lead.
For more information contact Rockwell Automation,
| Tel: | +27 11 998 1000 |
| Email: | [email protected] |
| www: | www.rockwellautomation.co.za |
| Articles: | More information and articles about Rockwell Automation |
© Technews Publishing (Pty) Ltd | All Rights Reserved
printer friendly version