Tackling the evolving cyber challenges in our industrial sector
Australia’s manufacturing, processing and mining industries are cornerstones of the economy, and heavily reliant on instrumentation, process control and automation systems to drive operational efficiency. These operational technology (OT) environments, however, face escalating cybersecurity risks as they become more interconnected with IT systems and external networks, requiring organisations to introduce robust cybersecurity measures to secure them.
The growing threat landscape
The 2023–24 Annual Cyber Threat Report highlighted a 13% increase in cyber incidents targeting critical infrastructure, with manufacturing and mining among the most affected. Legacy OT systems, often designed without security in mind, are particularly vulnerable. For instance, unpatched HMIs or PLCs can serve as entry points for attackers.
Recent examples underscore the real-world impact of these threats. A 2020 ransomware attack on a major Australian manufacturer saw local wool and dairy deliveries brought to a halt. In 2021, an attack on one of the world’s largest meat processors left Australian grocery stores with bare shelves.
As OT environments increasingly adopt IoT devices and cloud-based solutions, their attack surface expands, necessitating proactive cybersecurity strategies.
Collaboration between OT owners and cybersecurity stakeholders
A close working relationship between the owners of process control networks — engineers and operators managing OT systems — and cybersecurity stakeholders, including IT security teams and third-party consultants, is essential for securing industrial environments. Historically, OT and IT teams operated in silos, with differing priorities: OT focused on uptime and safety, while IT emphasised data security. This disconnect can lead to misaligned security policies, leaving gaps in protection. For example, OT engineers might prioritise system availability over applying a security patch, inadvertently exposing the network to exploits.
In Australia, fostering collaboration is critical to bridging this gap. Regular cross-functional workshops, joint risk assessments and shared governance models can align objectives. For instance, integrating OT-specific threats into enterprise-wide security operations centres (SOCs) ensures real-time threat detection without compromising operational continuity. Companies like BHP have implemented such models, embedding cybersecurity experts within OT teams to enhance threat response. This collaborative approach ensures that security measures respect the unique constraints of OT environments, such as avoiding downtime during production cycles.
The critical role of asset inventory
An accurate, up-to-date asset inventory is the foundation of effective OT cybersecurity. Without a clear understanding of all devices, software and connections within a process control networks, organisations cannot identify vulnerabilities or prioritise mitigation efforts. In Australia’s mining sector, sprawling operations with legacy and modern systems often lack comprehensive asset visibility. A 2022 ACSC report noted that 60% of critical infrastructure operators struggled to maintain complete asset inventories, hindering incident response.
Implementing automated asset discovery tools can address this challenge. These tools map OT networks, identifying devices like PLCs, SCADA systems and IoT sensors, while cataloguing firmware versions and network dependencies. By maintaining a dynamic inventory, organisations can prioritise patching, segment networks and detect anomalies, significantly improving cybersecurity outcomes.
Secure access methods for modern OT environments
Secure access to OT networks is another critical pillar of cybersecurity, but traditional methods like shared credentials or unencrypted remote access are no longer sufficient. The rise of remote operations in mining and manufacturing, accelerated by the COVID-19 pandemic, has increased reliance on remote access for maintenance and monitoring. However, weak access controls are exposing these OT systems to external threats. The 2021 Colonial Pipeline attack in the US, though not Australian, highlighted how compromised remote access can cripple operations.
Modern OT environments require secure access solutions like Zero Trust Architecture (ZTA) and multi-factor authentication (MFA). ZTA verifies every access attempt to the process control network, regardless of location, reducing the risk of unauthorised entry, while MFA adds additional layers of protection, ensuring that even stolen credentials cannot be easily exploited. Australian firms are increasingly adopting these methods, with one WA mining company reducing unauthorised access attempts by 80% after implementing ZTA in its SCADA systems.
Conclusion
Australia’s instrumentation, process control and automation industries face a complex cybersecurity landscape, driven by digital transformation and evolving threats. By fostering collaboration between process control network owners and cybersecurity stakeholders, maintaining comprehensive asset inventories and implementing secure access methods, organisations can significantly enhance OT security.
|
![]() |
Rising cyber threats to Australia's industrial sector demand urgent action
Now is the time for organisations to prioritise OT security so that Australia's industrial...
Linux is coming!
The Linux operating system is growing in popularity with industrial controller vendors.
Every time you update an OT network your cyber risk increases
OT network operators are unknowingly introducing significant cyberthreats to their networks every...