Cybersecurity in automation technology

As a technology leader, Beckhoff is actively shaping the implementation of cybersecurity in automation technology. This is allowing us to create the conditions you need to protect your facilities and systems effectively against cyber attacks.

The most important requirements at a glance

Cybersecurity is a key challenge in many sectors of the economy. It has resulted in a whole host of standards and legal requirements, many of which are relevant to automation technology. Numerous new regulations have recently been adopted at EU and national level, and more are being planned. At the same time, dozens of cybersecurity standards are being revised or newly created.

An overview including industry-specific categories:

• NIS2 Directive (NIS2) and ISO/IEC 27001: cybersecurity in organizations
• Machinery Regulation: successor to the Machinery Directive
• Cyber Resilience Act (CRA): digital product elements
• International standard IEC 62443: industrial control systems

Using expertise and a systematic approach

Information technology (IT) and production (operational technology or OT) are becoming increasingly intermeshed. This is evident from remote maintenance of machines and systems via the internet, for example, which has been routine for a long time now. In an age when cybercrime is growing, however, the interconnectedness of IT and OT networks is opening up new areas that are vulnerable to attack. Despite all the additional work required in this field, and even though there are still some ambiguities to resolve, new standards and regulations for added cybersecurity measures are sensible and welcome. Although it may not be possible for all companies to use a rigid, one-size-fits-all method of putting these into practice, we can assist by providing expertise, a systematic approach and recommendations for organizational measures.

First-hand security expertise and information

The best way to protect machines and systems against cyber attacks and unauthorized access attempts is to systematically reduce the potential points of attack. This can be achieved through organizational measures, system design and technology-based security measures. That is why Beckhoff offers you comprehensive support in all three areas – through up-to-date and effective vulnerability reports plus cybersecurity guidelines for your entire product portfolio, for example, and, overall, by being your partner for cybersecure automation. With these services, we expect to achieve ISO/IEC 27001 certification by the end of 2026.

Further information available on demand

• Vulnerability reports and Product Security Incident Response Team (PSIRT) from Beckhoff: www.beckhoff.com/secinfo

• Cybersecurity guide for Industrial PCs (IPCs): www.beckhoff.com/secguide