The Future of Industrial Security

The Future of Industrial Security

Power, efficiency raise the security stakes ever higher

In the new world of modern industrial networking solutions, the security measures to protect a network must match the pace of innovation across many industries, including mining, oil and gas, agriculture, transportation, heavy construction, military, municipalities, and government.

With Artificial Intelligence (AI), the Industrial Internet of Things (IIoT), and robotics, integrated and intelligent systems have been devised that offer novel ways of incorporating new assets into a network. With more systems becoming integrated, the line between digital and physical infrastructure has become increasingly blurred. As the power and effi- ciency of connectivity solutions improve, the security stakes are raised ever higher.

It is for these reasons that, in real terms, a compromised network represents a significant threat to mission-critical systems that keep people safe from harm, as well as jeopardizing sensitive data. Data deserves protection from malicious actors seeking to steal from, subvert or otherwise interfere with vital industrial operations. Given the significance of the problem, the industry is increasingly turning to networks with encryption options and unwavering reliability to solve to this very problem. To stand up to the escalation of the “cyber war” CSO’s and CISO’s are searching for secure networking solutions to provide the kind of protection they now require, which must often support mobility and autonomy.

The Rajant ES1 also earned Security Today’s Govies award for platinum-level “Intelligent Communications. As a result, Rajant Kinetic Mesh is well-established as being a best-in-class offering for CSOs and CISOs in their arsenal of tools to reduce the risk from external threats, all while managing security effectively at a degree of efficiency that was previously inaccessible.

THE BEST OF MESH NETWORKS

Rajant’s Kinetic Mesh networks are built to provide multi-level, robust security to protect network traffic, even as network topologies evolve. As a result, Rajant can offer resilient, intelligent, and secure wireless broadband connectivity, and the Kinetic Mesh solution shines in environments not typically suited to traditional connectivity, such as mobility-driven locations, including ports, mines, energy plants and railyards.

With the Kinetic Mesh, you can remove or introduce new nodes into the network, and the intelligent mesh will automatically adapt, while maintaining complete security. Rajant has strived to create a “living” network which is dynamic, and capable of adapting to the communication requirements of any organization without ongoing, engineering micro-management. As such, the network can seamlessly be installed in minutes and integrate with existing communications infrastructure saving upstart time and money.

Establishing secure network traffic is as simple as choosing the security features required by the organization’s information security strategy. These many features can be controlled, monitored, and managed by Rajant BC|Commander® software that accompanies the Bread- Crumb nodes and integrates with systems that exist on non-Rajant network infrastructure.

CRYPTOGRAPHIC LAYERS

There are many layers to the cryptographic protection installed with Rajant’s Kinetic Mesh network, and all Bread- Crumb nodes are configured with 256-bit Advanced Encryption Standard (AES) using Rajant’s BC|Commander. The first layer of security starts with the cryptographic ‘handshake’ when two nodes interface. The nodes initiate this security handshake upon establishing a connection with each other no matter which security options are selected for the network.

This feature is always active and can’t be removed. If the nodes don’t recognize the cryptographic settings, then the connection is denied.

Beyond this, the selection of cryptographic options includes packet ciphers to encrypt all data as it flows between Bread- Crumbs and per-hop authentication to ensure that each data packet received is in its original state. The network has MAC address cipher capabilities to encrypt the source and destination MAC addresses and a client traffic cipher secured via WEP (Wired Equivalent Privacy), WPA (Wireless Protected Access), WPA Enterprise (Remote Authentication Dial-In User Service or RADIUS), WPA2, and WPA2 Enterprise (RADIUS).

Rajant offers access control lists (ACLs) that can be applied to Ethernet and radio interfaces to specify the users or system processes that are granted access to objects as well as the operations that are allowed on given objects. You can deny access to specific items such as email addresses, users and URLs with a blacklist.

Virtual local area networks (VLANs) allow the segmentation of multiple virtual networks on a single mesh and are configured on a per-port basis, where a port is a BreadCrumb node, one of its Ethernet interfaces or a radio interface- ESSID combination. Clients with access to one set of VLANs cannot receive or send traffic to other VLANs even if they are on the same BreadCrumb mesh.

Quality of service settings applied to prioritize critical traffic can provide a security benefit in certain applications, and disabling interfaces allows unused Ethernet and Radio interfaces to be disabled remotely.

Beyond these deep features, further security options are available to protect communications from the mesh network. To fortify the integrity of the Rajant firmware, updates are encrypted using 256-bit AES in CBC mode and cryptographically signed using a 4096-bit RSA key-pair meaning that non-Rajant firmware cannot be installed. Further to this, BC|Commander’s administrative and management communications are secured using TLSv1 with an RSA or ECC key that is configurable and unique to each BreadCrumb. All BreadCrumb configurations, passwords, and critical security parameters are capable of being remotely managed via BC|Commander or via a button on the device with physical access to a BreadCrumb node. This makes the BreadCrumb device inert so that it cannot join a secured mesh network.

THE FUTURE OF SECURITY

As the abilities of malicious parties improve, the techniques and methods used to compromise and assault critical information systems at industrial enterprises become more and more sophisticated. Therefore, industry-leading connectivity solutions need to provide topof- the-line security to match the strength of the network. Rajant has been engaged in a long-term effort to build the most secure solutions available and fight back against malicious parties hoping to intrude on private networks. As a result, they are incredibly well-positioned to provide the latest and most effective security measures to CSOs and CISOs across the industry. This is something the military, the first customer, has known for 20 years.

This article originally appeared in the July / August 2021 issue of Security Today.

Featured

  • The Key to Wellbeing in the Office

    A few years ago, all we saw in the news was the ‘great resignation.’ Now we have another ‘great’ to deal with. According to CBRE, 2023 was the start of the ‘great return’ as office workers returned to their normal offices after working from home. The data shows that two-thirds of all U.S office buildings were more than 90% leased as of Q2 2023. Read Now

  • Failed Cybersecurity Controls Costing U.S. Businesses $30 Billion Yearly

    Panaseer recently released ControlWatch and the Continuous Controls Battle: Panaseer 2025 Security Leaders Report examining the cost of cybersecurity control failures and the impact of growing personal liability for security failings on security leaders. The report analyzes the findings of a survey of 400 security decision makers (SDMs) across the US and UK. It shows that security leaders feel under increasing pressure to provide assurances around cybersecurity, exposing them to greater personal risk – yet many lack the data and resources to accurately report and close cybersecurity gaps. Read Now

  • The Business Case for Video Analytics: Understanding the Real ROI

    For security professionals who may be hesitant to invest in video analytics, now's the time to reconsider. In a newly released Omdia report commissioned by BriefCam (now Milestone Systems), the research firm uncovered a compelling story: more than 85% of North American and European organizations that use video analytics achieve a return on investment within just one year. The study, which surveyed 140 end users across multiple industries, demonstrates that security technology is no longer just for security — it's a cross-organizational tool that delivers measurable business value far beyond traditional safety applications. Read Now

  • Survey: 54% of Organizations Cite Technical Debt as Top Hurdle to Identity System Modernization

    Modernizing identity systems is proving difficult for organizations due to two key challenges: decades of accumulated Identity and Access Management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs). These findings come from the new Strata Identity-commissioned report, State of Multi-Cloud Identity: Insights and Trends for 2025. The report, based on survey data from the Cloud Security Alliance (CSA), highlights trends and challenges in securing cloud environments. The CSA is the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

Featured Cybersecurity

Webinars

New Products

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3