Cyberattacks against industrial assets are increasing, and the World Economic Forum states that the manufacturing industry is the world's most target industry. HMS works in many different ways to help customers improves industrial security.
HMS industrial network security products protect operational technology (OT) from cyber threats. By segmenting networks and "compartmentalizing" it is possible to improve security on the factory floor or in other critical applications.
Secure remote access to machines protects equipment against unauthorized access and cyberthreats. HMS' Ewon remote solutions prioritize security, integrity, and reliability.
HMS puts lot of effort into developing secure and robust products. Nevertheless, we or others detect security issues in our products from time to time. When we are aware of a security issue we will publish information about the issue.
Our goal is to have updated firmware available before we publish the information officially, this to prevent security issues to be used in exploits.
Directive on the Security of Network and Information Systems that requires essential and important organizations to strengthen risk management, secure their networks and report incidents to improve Europe’s overall cyber resilience.
Valid from 18 Oct 2024
Requires machine builders to address cybersecurity risks that could affect the safe functioning of machinery, ensuring that digital attacks cannot cause dangerous operation or loss of control.
Required from 20 January 2027
The Cyber Resilience Act is an EU regulation that requires connected devices and software products to include built-in baseline cybersecurity throughout their entire lifecycle.
Will apply in full from 11 December 2027, reporting requiremen form 11 September 2026
International standard that provides a structured framework for securing industrial automation and control systems, with specific requirements for vendors to build secure products and for operators to manage risk, segment networks and maintain secure operations throughout the system lifecycle.
Validity: Generally voluntary, however embedded as the de-facto mandatory framework across multiple regulated sectors including energy, rail, chemicals, water, machinery and defence.
Industrial systems are protected through layered network controls such as industrial firewalls, micro-segmentation, and protocol-based network separation. Firewalls enforce strict policies at the device or cell level, allowing only the specific traffic that PLCs, drives, and machines require while blocking everything else by default. Micro-segmentation limits communication to explicitly defined zones and conduits, reducing the attack surface and preventing lateral movement inside the OT network.
Protocol gateways further strengthen separation by allowing only approved commands or data to pass between zones, eliminating direct routable access to critical assets. Together, these controls provide visibility, deep protocol inspection, logging, and enforceable policy management so industrial systems remain isolated, monitored, and protected without disrupting operations.
Secure remote access to OT environments should use encrypted VPN connections, outbound only communication, and strong role based authentication. A cloud hosted connection point with built in firewall capabilities can act as a secure conduit between IT and OT, enforcing traffic policies before access is granted. The same architecture can securely enable data collection from critical assets, such as diesel generators, without exposing the control network to the internet.
Join our IEC 62443: In-Depth Training with Dr Pierre Kobes - a leading contributor to the ISA/IEC 62443 series. Learn what the standard means in practice and what actually works in real operating environments.
A guide to configuring Ewon Talk2m and devices for NIS2 compliance using the ISA/IEC 62443 framework.
The industrial landscape is rapidly evolving as operational technology (OT) and information technology (IT) become more interconnected. While this connectivity facilitates efficiency, monitoring, and predictive maintenance, it also brings substantial cybersecurity challenges. Among these challenges, securing remote access to industrial systems is paramount, as vulnerabilities can compromise safety, productivity, and compliance with regulations. To address these growing risks, the NIS2 Directive (1) mandates security measures for industrial environments.
Have a communication expert from HMS contact you to discuss your specific requirements.
