Why Australian manufacturers must improve cybersecurity
Australia’s manufacturing industry is resurging following a difficult few years. To maintain this positive momentum, it’s essential for manufacturers to understand the risks of cyber attacks, especially as they adopt new and emerging technologies, and take appropriate steps to protect themselves.
The manufacturing industry is benefiting from automation and the Industrial Internet of Things (IIoT), but that also means manufacturers are being exposed to more cyber threats. Each automated and connected device is a potential entry point into a company network and must be treated as such.
Manufacturing is Australia’s sixth-largest employer by industry, employing up to 1.3 million people in Australia1 and accounting for 8% of all employment2 and about 7% of GDP1. Since 2007, the sector’s real output declined by 13% but, in the 2016–17 financial year, the value of Australian-made goods sold to international markets hit a record high of more than $100 billion, demonstrating a strong resurgence.2
Australia’s manufacturing industry is likely to continue to improve as manufacturers adopt new types of technology that streamline operations and help to identify new opportunities. For example, Australia has a $2.1 trillion market opportunity if it uses artificial intelligence (AI) and related technologies to transition its industry base and accelerate automation.3
Gartner predicts that more than 20 billion devices will be connected by 2020, by which point it expects that more than 25% of all attacks on enterprises will come via IoT devices.4 If every device is a potential weak point, the broader use of automation and IIoT will continue to be held back until companies figure out a way to protect themselves.
High-tech manufacturers are an increasingly tempting target for attackers because they possess valuable intellectual property. The adoption of new technologies delivers competitive advantages, so it’s important for manufacturers to know how to secure their networks and critical infrastructure before they deploy it.
Operational technology and critical infrastructure can’t go offline, so it’s important to be able to monitor the security status of this infrastructure without causing downtime. Passive security techniques let businesses see, classify and monitor network-connected devices without disrupting operations.
Legacy devices that were never meant to be connected to the internet, such as manufacturing systems, weren’t designed with security and today’s sophisticated cyber attacks in mind. It’s essential to monitor their activities and look out for uncharacteristic actions to protect the business.
Many organisations invested in equipment with the expectation that these machines would last decades before being replaced. Upgrading this equipment to make it more secure requires additional investment, which may not have been budgeted for.
Investing in modern security infrastructure is essential; however, many manufacturers don’t see the urgency. Creating a business case for investment is complicated by the fact that, rather than demonstrating a net gain for the company, it is considered to merely prevent a loss. Mitigating cyber attacks can save manufacturers time and prevent costly downtime, and those are key reasons why this shouldn’t be underestimated.
To ensure the maximum benefit from technology such as IIoT, coupled with minimal risk, it is critical for manufacturers to take the time to understand the security implications, and take steps to mitigate them.
- Mather J 2018, ‘Manufacturing growth quickens to 12-month high’, Australian Financial Review, <http://www.afr.com/business/manufacturing/manufacturing-growth-quickens-to-12month-high-20180101-h0ca9p>
- Stanford J, Swann T 2017, Manufacturing: A Moment of Opportunity, The Australia Institute: Centre for Future Work
- AlphaBeta 2016, The Automation Advantage, <http://www.alphabeta.com/wp-content/uploads/2017/08/The-Automation-Advantage.pdf>
- Gartner 2016, Gartner Says Worldwide IoT Security Spending to Reach $348 Million in 2016, <https://www.gartner.com/newsroom/id/3291817>
Is the latest darling of IT ready for the world of supply chains?
Protecting critical infrastructure systems is imperative, but it is necessary to determine how to...
There are very strong parallels between industrial cybersecurity and those of process safety in...