According to “2021 Cybersecurity: Assess Your Risk,” a new report from PMMI Business Intelligence, the first and most important step a manufacturer can take to improve their cybersecurity preparedness is to gain a thorough understanding of their operation’s vulnerabilities, and how those vulnerabilities can be exploited.
Modern manufacturing’s expanding scope of integrated technology is a ripe target for cybercriminals, as is the widespread adoption of cloud and edge computing.
Integrated production lines using smart sensors and actuators to collect data digitally has driven more flexible production and increased the rapid adoption of new technologies over the past decade. The desire for increased data collection continues to gain momentum and has spread across processing and packaging operations, with most companies moving toward an IIoT model of manufacturing.
79% of companies have implemented smart technologies on their processing lines, 64% on their assembly lines, and 60% at end-of-line packaging, according to recent survey data.
|Listen to this podcast on implementing edge computing.|
This move beyond just automated machine functionality and towards integrated machine communications, adopting digital data exchange, and allowing some level of secure remote access, means that every company must assess their network-connected operations to determine the potential threat of a cyberattack.
Industry 4.0 and IIoT technologies provide the opportunity for manufacturing companies to utilize the power of smart machines and real-time data analysis. Each wirelessly connected I/O (input/output) point creates new vulnerabilities of entry for cybercriminals.
The scope of data collection and monitoring schemes has also significantly expanded. It is estimated that there will be 58.1 billion IIoT connections in the industrial sector by 2024, and many plants already have a network of sensors and components tasked with monitoring and collecting data from all corners of the operation. Sensors connected to a network represent a potential point of intrusion for a cyberattack, and because individual components and sensors have limited processing capacity, they lack any internal cybersecurity safety features of their own. One analysis found that it took an average of only five minutes for newly connected devices/sensors to be targeted with a cyberattack.
While individual points of entry represent a serious threat to manufacturers, the proliferation of integration has increased the problem significantly. Enterprise-wide management systems connect all aspects of an operation to one another. With individual lines at manufacturers more integrated than ever, front-of-line operations now often directly connect to end-of-line processes to improve efficiency; and data collecting sensors and components are often networked with one another, the machines they are monitoring, and with a larger operation-wide system that gathers and organizes their data. This interconnectivity has driven manufacturing to new levels of efficiency, but it has left operations open to cyber exploitation.
|Read a story on which components should be assessed for a cybersecurity plan.|
A networked component can give a cybercriminal access to the larger network it is directly connected to, and any ancillary networks its “home” network might also be connected to. Without careful segmentation and monitoring, individual vulnerabilities at modern manufacturers can quickly become landing points for further intrusion into the company’s networks and data. The frequency of these attacks on the larger IIoT networks at manufacturers is only increasing. In 2018, attacks on IIoT infrastructure increased by 215.7%, representing about 5,200 known attacks per month that specifically targeted IIoT devices.
Cloud and Edge Computing
Another key vulnerability can be found in the evolution of data storage. Many manufacturers have turned to cloud and edge computing for data management and a wide variety of applications at manufacturers, from ERP management, to sales coordination, and real-time project collaboration. 66% of companies stated that they utilized some form of cloud services in 2017 – a number that continues to increase each year.
The use of cloud solves some cybersecurity concerns, but it creates new ones as well. For instance, by utilizing a cloud service provider, manufacturers don’t have to possess the skills necessary to run a cloud storage scheme. However, this also means that manufacturers likely do not have the knowledge and expertise to properly assess a cloud service provider from a security standpoint. If a manufacturer lacks specific knowledge necessary for cloud service work, they are unlikely to have a department that can adequately assess the security protocols at a cloud service provider.
Assessing a Cloud Service Provider
There are several ways that a brand manufacturer and OEMs can assess the quality of their cloud service provider. In general, a good cloud service provider should:
- Update and patch their systems regularly
- Have a dedicated team with verified best practices/standards to detect/correct breaches
- Test their security and security teams regularly with mock intrusions
- Maintain deep knowledge of clients’ ERP systems and needs: tailored security is more effective Restrict client user access aggressively to limit unnecessary logins and access
- Establish and maintain a robust information security management system
|Watch this video on best practices for accessing equipment remotely.|
Edge computing also presents its own set of security concerns for manufacturers. Edge computing involves moving data and processes managed by operation networks to a repository that is physically located at the manufacturing site. While this eliminates the need to verify a third party’s security and returns more control back to the manufacturer, it also creates a potentially dangerous consolidation of information. Edge networks are fed data from the entire operation; highly connected and often directly linked to many individual networks within an operation. This creates the potential for an enterprise-wide breach, as individual components can be compromised to gain access to their network.
What are potential solutions? Some of the leading brand manufacturers interviewed are keeping their networks separate and isolating their machine-based networks from their front-office enterprise networks. Read on to hear what others have to say:
- “There is always a potential for risk with a non-isolated network; we have worked this out by creating separate machine-based networks.” —Senior Automation Engineer, Medical Device Company
- “We need ways to isolate equipment for data and registration codes as well as inputs and outputs.” — Controls Engineer, CPG Leader
- “Remote workers and those in the plant are not allowed to use personal laptops on the network, devices are provided.” — Controls Engineer, Confectionary
- “Focus on becoming more secure versus more compliant and be sure to analyze the entire operation, the business process and the people.”— Managing Director, Cyber Partner
Download this FREE report below.
Source: PMMI Business Intelligence, “2021 Cybersecurity: Assess Your Risk”