Securing the smart factory: cybersecurity for advanced manufacturing

The manufacturing sector is undergoing digital transformation, digitising processes and adopting the Internet of Things (IoT) and AI technologies to improve efficiency and reliability. The connectivity of operational technology (OT) to the internet and the convergence between OT and IT have created extreme efficiencies but new vulnerabilities and exposure to cybersecurity threats.

Manufacturing companies are facing a critical need for robust OT cybersecurity programs in today’s landscape full of complex threats. The rise of ransomware and sophisticated nation-state attacks has turned manufacturing facilities into prime targets. The proliferation of insecure IoT devices, cloud connections and remote access has significantly increased the avenues for attacks on vital systems, making the need to implement strong OT cybersecurity programs more urgent than ever.

Industrial control systems in manufacturing operations have historically enjoyed a relatively threat-free environment from outside forces. Today, things are different: rising cyber attacks on industrial operations show how cybercriminals carefully choose their targets for maximum impact and exploit weaknesses to damage otherwise stable infrastructure — and public wellbeing.

Over the past year, the threat of ransomware attacks has reached alarming levels, with a staggering 50% surge in incidents targeting industrial organisations. What’s more concerning is that 70% of these attacks were directed at manufacturing entities. According to cybersecurity company Dragos, 21 threat groups are currently fixated on infiltrating industrial organisations, painting a grim picture of the cybersecurity landscape.

Threats to industrial operations have outpaced the capabilities of most OT cybersecurity programs. Most facilities lack the security resources, technologies and cybersecurity management tools to defend operations against ransomware and sophisticated attackers. They also lack the people and expertise to ensure the security of new digital transformation efforts and the expanded use of remote workers. Today’s OT security teams face the same security challenges as their IT counterparts and need comparable capabilities. No company can afford to ignore the growing risks of severe cyber incidents.

Manufacturing industry cybersecurity leaders must address cybersecurity needs to lower the risk of damage and downtime and limit risks to the public. Modern, connected factories introduce new vulnerabilities, but there are well-established practices that organisations can use to improve their security postures and reduce exposure to threats.

Based on these findings and aligning with the National Institute of Standards and Technology (NIST) cybersecurity framework, the following core steps are recommended:

• Performing asset inventories.
• Performing accurate risk and vulnerability assessments to locate the areas of greatest weakness.
• Developing a cybersecurity plan based on assessment results.
• Segmenting and hardening networks with an industrial demilitarised zone and firewalls.
• Implementing threat monitoring.
• Preparing and rehearsing incident response plans.
   

It is also recommended that organisations find a partner that can assist in evaluating, executing and maintaining the security of industrial control systems and help to enable transformational technologies that create secure enterprise connectivity, based on industry’s most robust standards and frameworks such as ISA/IEC 62443 and the NIST cybersecurity framework.

Image credit: iStock.com/metamorworks