Cybersecurity: The new priority in industrial automation
Posted to News on 10th Nov 2025, 07:46

Cybersecurity: The new priority in industrial automation

Automation is smarter than ever. But with intelligence comes risk. Connected machines, digital platforms and remote access are transforming manufacturing - and at the same time opening doors to cyber threats. Weak passwords, unpatched software or unsecured interfaces can all be exploited. The financial damage runs into billions every year.

Cybersecurity: The new priority in industrial automation

For industry, the message is clear: cybersecurity is no longer optional. It's the foundation of reliable, future-proof production, as the experts at Bosch Rexroth explain.

A new regulatory landscape

Governments are stepping up. Around the world, stricter regulations are being introduced to protect critical infrastructure and industry from escalating cyberattacks. The EU's Cyber Resilience Act (CRA) is a prime example - and a game-changer for machine builders and suppliers.

The CRA covers all products with digital components that connect to a network. It demands security from the design stage onwards: risk assessments during development; products secure by default and capable of updates; and mandatory reporting of serious vulnerabilities within 24 hours.

The penalties are severe. Non-compliance can bring fines of up to 15 million or 2.5% of global turnover. Products may even be withdrawn from the market or restricted. Crucially, sanctions can apply even for technical oversights such as incomplete documentation.

In short, the CRA makes cybersecurity mandatory. Those who act early will be best placed to stay compliant and competitive.

Bosch Rexroth's answer: ctrlX OS

Bosch Rexroth has been preparing for this shift for years. Its ctrlX OS, a Linux-based operating system, has been designed with cybersecurity at its core: secure by design and by default, certified to IEC 62443-4-2 Security Level 2; full protection for stored, transferred and processed data; and rapid, reliable security updates without interrupting operations.

What sets ctrlX OS apart is its openness. It's available not only on Bosch Rexroth devices but also for third-party automation components. That means an entire ecosystem of machines can benefit from the same high level of protection.

"The CRA sets mandatory cybersecurity requirements for manufacturers and resellers throughout the product lifecycle. With ctrlX OS we are already well prepared. Customers can be confident that our products set them up for the future," says Steffen Winkler, Senior Vice President Sales, Automation and Electrification Solutions, Bosch Rexroth.

ctrlX CORE - Security in action

The ctrlX CORE control system is a flagship example of ctrlX OS in action. Built to be secure as standard, it offers:

- Strict password rules and user authentication.

- Compliance with the latest international standards.

- Regular vulnerability remediation and secure updates.

- Authorised access control for sensitive data.

Security can be strengthened even further with apps from the ctrlX OS Store. These include:

- Security Scanner - inventories components, highlights vulnerabilities.

- Firewall app - minimises exposure to attacks.

- VPN Client - enables secure, approved remote access.

Together, these tools give manufacturers everything they need to meet the CRA's requirements while protecting operations day to day.

Protecting brownfield sites

Cybersecurity isn't just about the latest kit. Many plants run older machines that remain vital to production. Retrofitting these with modern protection is often the biggest challenge.

This is where ctrlX CORE really shows its value. It can be used as a security gateway, bringing advanced defences to legacy machines and third-party systems.

"To meet the CRA requirements and defend against increasing cyberattacks, it's essential to safeguard existing equipment. ctrlX CORE integrates modern cybersecurity into older systems a key advantage in brownfield environments," adds Winkler.

Beyond technology - building cyber resilience

Technology is vital, but people and processes matter too. Bosch Rexroth supports manufacturers with services that strengthen their overall resilience: threat analysis and risk assessments; security scans and compliance checks; training programmes to build IT security skills; and tailored strategies to meet specific business needs.

This holistic approach ensures companies don't just buy secure products - they embed cybersecurity into their culture and operations.

Security as a competitive advantage

The automation sector is advancing rapidly, but with that progress comes a stark truth: every new connection is a potential vulnerability. Regulations such as the CRA are forcing companies to rethink their approach - making cybersecurity the backbone of modern automation.

Bosch Rexroth is responding with products like ctrlX OS and ctrlX CORE that are secure by design, compliant with new legislation, and adaptable across both new and existing environments. Backed by consulting, services and training, these solutions enable manufacturers not only to meet regulatory requirements but to build long-term resilience.

As Winkler concludes: "We are aligning all products and services to ensure companies comply with regulations and design their systems to be secure and robust for the long term. That's the only way to be ready for the future."

Want the latest machine building news straight to your inbox? Become a MachineBuilding member for free today >>


Bosch Rexroth UK Ltd

15 Cromwell Road
St Neots
PE19 2ES
UNITED KINGDOM

0345 6044106 (01480223253)

Pilz Automation Technology AutomateUK Mechan Controls Ltd Lenze Ltd ABSSAC Ltd Control Technologies UK Ltd Smartscan Ltd Heidenhain GB Ltd Telemecanique Sensors Energy Efficient Drive Systems Ltd Micro Epsilon UK Limited Kawasaki Robotics (UK) Ltd Aerotech Ltd STOBER Drives Ltd