Understanding the Challenges of Cybersecurity for Operational Technology


Team Pro MFG Media

Pro Manufacturing Media collaborated with Tenable and CyberArk to address the cybersecurity challenges for manufacturing organizations across sectors and scales.

Smart Manufacturing, or Industry 4.0, has been around since the turn of the century, and the proliferation of connected devices has increased in both personal and work spaces. The challenges to the safety and security of these integrated operations have therefore become a matter of concern, with ever-increasing chances of attacks for ransom. When machines were analogue (manually operated), disrupters had to physically access them, but now, with digitally controlled systems, hijacking of plant machinery from a remote location is a real threat.

Loss of production as a result of a cyberattack is just one aspect. Monetary losses in terms of production can be gauged, but the loss of data or harm to operating personnel is incalculable. That is why cybersecurity in operational technology has to be thorough.

● So, how do we do it?
● How do we scale up?
● Is machine identity a new hacker target?
● How do we secure machine identity?

The key to securing IT/OT operations begins with access control. In modern IoT-powered factories with automated machinery, access to a workstation places tremendous power in the hands of one person, which means only people who understand the gravity of that power should be given access. Three keywords, Confidentiality, Integrity and Availability, govern the IT security strategy of any organization.

But when it comes to OT, the KPIs begin with Uptime, then Quality and then Safety. To ensure maximum production, maximum Uptime is the top priority, followed by the Quality of output, and finally comes the Safety of equipment and personnel. What we have to understand is that Safety of equipment is a function of cybersecurity; without it, the entire production line might be vulnerable to an attack that affects Uptime even more severely.

In a smart factory all the departments, be it suppliers, stores or shopfloors, are connected through an ERP system which ensures that the right decisions are taken at the right time to keep manufacturing lean and continuous. But it is this connectivity that also makes the entire system vulnerable, as the compromise of even one access point can be potentially disastrous, bringing the entire factory to its knees.

Which is why all leaders should debunk the following myths for their teams.

1. We are not connected to the internet

The automated manufacturing system might not have access to the internet through Wi-Fi or LAN, but the moment a laptop is connected to the machine controller, the entire system becomes vulnerable if there is malware on that laptop.

2. Firewalls are enough

Firewalls offer protection against known threats and their ilk, but they never offer 100 per cent protection from malware attacks. For example, you could have a VPN to run the machines and the systems behind firewalls, but someone with a USB drive can very well make it all vulnerable.

3. Hackers are not interested in Machines

Hackers might not be interested in the machine code or the operational nuances of its data, but they can very well be interested in bringing it all to a halt for a ransom, and that is a very real possibility if we account for recent events across the globe.

4. Facility is not a target

We have to assume a Zero Trust Environment when dealing with cybersecurity, which means leaders have to assume that the facility is always a target. The security protocols thus drafted will create a strong first barrier in case of an attack.

5. Safety Systems are enough

Cybersecurity is not a one-time solution. As new technologies emerge day in and day out, existing solutions become obsolete. And hence, the safety net which seems enough today will certainly not be enough tomorrow or the day after.

How do we ensure our approach to cyber security is on the right track?

The most important aspect of cybersecurity is knowledge and it begins with the knowledge of assets. It might be easy to track the electronic devices in a small firm but when it comes to MNCs with operational facilities connected across the globe, the knowledge of IT and OT assets is of utmost importance.

“You cannot defend what you do not know” and hence, to chalk out an effective defense strategy, inventory of assets is the first step.

The next step is monitoring. Here, the communication protocols must be clear and transparent, because only then will analysts be able to detect anomalies in the system. If we do not know the inventory, monitoring all assets becomes impossible and anomalies go undetected.
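As an added illustration of these two steps (not code from the article, Tenable or CyberArk), the sketch below checks observed network flows against an asset inventory and a list of documented conversations. All addresses, asset names, flows and function names are constructed for the example.

```python
# Added example: every address, asset name and flow below is constructed.
INVENTORY = {
    "10.10.1.10": "PLC-line1",
    "10.10.1.20": "HMI-line1",
    "10.10.1.30": "Historian",
    "10.10.1.40": "PLC-line2",
}

# Documented conversations: (source, destination, protocol, destination port).
BASELINE = {
    ("10.10.1.20", "10.10.1.10", "tcp", 502),  # HMI polls PLC over Modbus/TCP
    ("10.10.1.20", "10.10.1.30", "tcp", 443),  # HMI pushes data to historian
}

FLOWS = [
    ("10.10.1.20", "10.10.1.10", "tcp", 502),
    ("10.10.1.20", "10.10.1.30", "tcp", 443),
    ("10.10.1.99", "10.10.1.10", "tcp", 502),  # address not in the inventory
    ("10.10.1.30", "10.10.1.10", "tcp", 22),   # known assets, undocumented protocol
]


def classify(flow):
    """Return (finding, detail) for a flow, or None if it matches the baseline."""
    src, dst, proto, port = flow
    unknown = [addr for addr in (src, dst) if addr not in INVENTORY]
    if unknown:
        return ("unknown-asset", ", ".join(unknown))
    if flow not in BASELINE:
        return ("undocumented-conversation",
                f"{INVENTORY[src]} -> {INVENTORY[dst]} {proto}/{port}")
    return None


def review(flows):
    """Collect findings for every flow that deviates from inventory or baseline."""
    return [result for result in map(classify, flows) if result]


def silent_assets(flows):
    """Inventory entries never seen on the wire: stale records or blind spots."""
    seen = {addr for src, dst, _, _ in flows for addr in (src, dst)}
    return sorted(name for addr, name in INVENTORY.items() if addr not in seen)


if __name__ == "__main__":
    for finding, detail in review(FLOWS):
        print(f"{finding}: {detail}")
    print("not observed:", silent_assets(FLOWS))
```

The inventory is checked first, so a device nobody recorded is reported as such rather than as a protocol anomaly; assets that never appear in the flows point to a stale inventory or a gap in monitoring coverage.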

Periodic vulnerability audits go a long way, not only in sanitizing the IT/OT landscape but also in bringing cybersecurity back onto the priority list of the stakeholders.

In case there is a breach, the security system should have enforcement points to contain the damage within a specified area. Having SOPs for after-attack protocol in place goes a long way in bringing the system back online by securing data and tackling the breach.

Finally, emphasis on cybersecurity is important not only at the leadership level but across all rungs, right down to the shop floor. Periodic workshops and coordination between security agencies go a long way in minimizing vulnerabilities.

As we have mentioned before, the list can never be comprehensive. Every IT-OT landscape is unique and requires in-depth audits and expert analysis to come up with a solution that stems cyberattacks on manufacturing facilities in the wake of increased automation and digitization of processes.
