Cybersecurity Requirements

Topic: CL345

Cybersecurity Requirements in the OT world

Modern OT (Operational Technology) products, especially those with wireless capabilities, face increased cybersecurity risks due to growing connectivity. To protect both individual devices and the broader network, password protection is now mandatory. This ensures defense against unauthorized access—even in isolated environments. Devices are shipped with default passwords that must be changed upon first use, and disabling passwords is no longer permitted on wireless-enabled PLCs due to the elevated risk they pose.

Why is a Password Mandatory

  1. Protecting Your Equipment

  2. Protecting other network equipment in the area

  3. Meeting Cybersecurity Regulations

  4. Following Best Practices

Why Can't I Disable Password on these PLCs

Given the higher risk associated with wireless communications, international regulations and current security best practices no longer allow passwords to be disabled on devices with wireless capabilities.

This requirement helps prevent unauthorized access to a wireless system—even if it isn’t connected to the internet—by protecting against threats from service laptops, USB drives, or other indirect entry points. Enforcing a password provides a baseline level of security, even in air-gapped environments.

Summary

Even if your environment feels secure, passwords are now a required baseline security measure. They:

Because of these regulations and industry standards, vendors cannot legally or safely allow you to disable password protection.

For more information: PLEASE VISIT ADC CYBERSECURITY PAGE.

Note: C2-02CPU, C2-02CPU-2, C2-03CPU and C2-03CPU-2 PLCs require a User Account with a password setup to use this function.