Manufacturers' transition to digital and cloud has, however, accelerated the importance of effective cybersecurity measures in a growing battle against operational threats and data privacy vulnerabilities.
A growing battle against operational threats and data privacy vulnerabilities
As global organisations embrace industry 4.0, smart factories are revolutionising the manufacturing sector. The booming growth of information technology has led to the digital transformation of manufacturing with the vast digitalisation of production systems, logistical solutions, and business processes. Smart factories are now festooned with an abundance of programmable controllers, IoT devices, robots, digital control systems, analytics and machine learning and integrated corporate networks that dramatically increase the output and efficiency of production. The increase in technology adoption is driving smarter operations that are more agile, flexible and productive.
The transition to digital and cloud has, however, accelerated the importance of effective cybersecurity measures in a growing battle against operational threats and data privacy vulnerabilities.
In fact, the manufacturing industry is said to be the third most targeted sector by cybercriminals. In a recent independent survey, Vanson Bourne - the enterprise technology market research firm found 75% of smart factories had been targets of a cyberattack also suffered from system outages, with more than two-fifths (43%) of these outages lasting for more than four days [1]. The online survey involved 500 information technology [IT] and operational technology [OT] professionals in the United States, Germany and Japan.
Cyber threats in the manufacturing industry have dramatically evolved over the last decade as the intelligence and creativity of attackers have grown. The attacks not only focus on IT systems but also on critical OTs – sensors, devices and software that are part of the manufacturing process. They have also come in all shapes and sizes such as IP theft, phishing, ransomware, IoT attacks and supply chain disruption.
To mitigate the security risks manufacturers are under constant pressure to review the many threat vectors in order to formulate the most suitable responses.
Before the rise of smart factories, the security of manufacturing had been achieved through strict access rights management that physically isolated systems. Today the core part of a factory network is connected to wider corporate systems and wireless networks - making them more vulnerable. Once considered secure and almost impenetrable, some cybersecurity solutions might no longer be enough for the increasingly complex ecosystem formed by connected manufacturers i.e., the traditional perimeter approach may have sufficed in the past. A zero-trust policy embraces a more robust 'never trust, always verify' principle, hence preventing insider attacks - a common threat of cloud services.
This is why manufacturers can no longer underestimate the evolving cyber landscape. Both preventive measures and active defences need to be applied: cryptographic countermeasures, systems of intrusion detection, proactive staff training and well-thought incident management practices are all part of a protective toolkit.
Compliance with industry standards and regulations is a given. While regulations aim to strengthen security, they sometimes place an overwhelming burden on some organisations. As a result, rigorous regulations have, in the past, encouraged companies to circumvent the regulatory requirements that were intended to promote best practice - creating some unintended consequences. Consideration is needed when assessing whether adopting such a solution on your own smart factory will be truly beneficial.
Encryption and strict access control are prerequisites. Digitalisation is simultaneously both a problem and a solution. While the IoT wave could optimise production it also adds multiple unsecured devices to the network which explains why IT solutions have been developed to safeguard the confidentiality and integrity of data accessed through corporate systems. These include symmetric encryption algorithms, hybrid encryption schemes, cryptographic hash functions, digital signatures, public key infrastructure (PKI) and key distribution protocols for identity and context-based access control.
Intrusion Detection Systems drill deep into data packets to inspect and detect vulnerabilities. Smart factories need to be able to dynamically react to any abnormal behaviour preventing intrusion attempts from both from outside and within the organisation. These systems may be network-based – running on each IoT node, knowledge-based – using knowledge of previous attacks and vulnerabilities to predict new ones or behaviour-based – using machine learning to spot abnormal behaviour.
AI and machine learning are other weapons in the security arsenal that ensure safety and intelligence is built into every level of the manufacturing process. Self-learning AI can analyse massive quantities of risk data at speed allowing threats to be detected in real-time, or even predicted based on risk modelling. AI can identify and prioritise risks, instantly spot malware on a network, guide incident response, and detect intrusions before they begin. And as AI evolves, a framework must be defined to ensure accuracy and ethics are maintained.
Humans are arguably the weakest link in any business when it comes to cybersecurity. Employees are invariably the first line of defence in protecting a business, emphasising the need to ensure everyone is trained and prepared. Skilled security personnel and regular security training for all the employees is crucial. Make sure everyone understands the security policies in place and carefully track compliance with security protocols. Robust staff training and intrusion prevention systems can limit the impacts from both deliberate insider attacks and falling victim to social engineering methods like phishing attacks.
Have a Response and Recovery Plan in Place
The old adage: hope for the best, plan for the worst rings true. Once a successful attack penetrates the defences then the overall recovery will depend on the ability to respond so that operations can resume as soon as possible. A cybersecurity breach can be catastrophic – it impacts everyone along the supply chain. A robust cybersecurity strategy will result in better outcomes. An immediate response is only possible if there is a respective plan in place that can dramatically minimise losses to production, equipment, and reputation.
Mohan Naidu
FPT UK Managing Director