September 12, 2023 Beware: Cyber Threats Plaguing Manufacturing in 2023

Manufacturing’s evolving cybersecurity risks emphasize the need for an integrated security strategy and proactive defense.

By Kyle Falkenhagen, Chief Product Officer, Secureworks®

Industrial and manufacturing settings face an adversary profile that is evolving, becoming more of a “needle in a haystack” than a simple list of known threats. What’s more, manufacturing is especially at risk – sustaining nearly a quarter of all cyberattacks.

Detection and response for OT is very different than it is for IT systems. And that’s important, because as Gartner reports, 70% of asset-intensive organizations will have converged their security functions across enterprise and operational environments by 2025¹. As the role of defending IT and OT is converging, manufacturers need an integrated approach capable of defending both.  

Certainly, plenty of manufacturers have already begun this security transformation and are building strategies to battle the threats found in both IT and OT environments. Why? Because plant operations, profitability, and safety are all at stake.

Know Thy Enemy and Know Thy Self

Manufacturers face some unique, elevated risks, simply because of how their businesses work.

1. Rapid digital transformation meets advancements in OT. In recent years, modernization across manufacturing has been quick and intense. From robotics and AI/ML-enabled control systems to smart warehousing and other technologies, manufacturing has been in a full-on digital transformation. But with aggressive transformation comes lagging pieces of the puzzle – and security is too commonly set aside during these periods of modernization.
2. OT and IT integration and convergence. The days of simply air gapping are probably behind us. Manufacturing sustains 23.2% of all cyberattacks² today, making it a high cyber-risk industry. The blurring line between IT and OT means organizations have a larger attack surface to survey, often with fewer security resources. And the security of OT systems is a major safety issue and a critical part of sustaining operations and protecting profits.
3. A swift shift to the cloud. Thanks to COVID and cloud adoption, once site-based manufacturers are increasingly having some employees work remotely. This leaves plants more exposed to external threats, with OT devices and remote workers infiltrating and potentially impacting their systems.
4. Lagging cyber safety across manufacturing. Manufacturing has one of the longest tenures for employees of any industry – chief finance officers in manufacturing can have a tenure 20% longer than what’s observed in technology³. Another factor is a lack of security focus at the plant and craft employee level. This is why it’s just as important to demand cybersecurity safety as it is operational safety within a plant setting.

Forewarned is Forearmed: How Manufacturers Can Prepare

The 2021 ransomware attack on the Colonial Pipeline⁴ didn’t happen in a vacuum and many manufacturers haven’t forgotten the widespread and devastating effects this type of event can have. These kinds of events are part of why the U.S. Cybersecurity & Infrastructure Security Agency (CISA) issues numerous industrial control system (ICS) advisories throughout the year – releasing 50 ICS advisories in December 2022 alone⁵. So, what are manufacturers to do in the face of the unique threats plaguing their industry?

1. Understand your attack surface and take defensive steps. This rapid expansion of your attack surface dictates that manufacturers aggressively pursue defensive steps like patching, multifactor authentication (MFA) implementation, secure remote access, and endpoint controls. This also includes instituting a zero-trust environment. Your attack surface is to your security as your plant floor is to safety: you must secure and manage risk proactively to avoid incidents.
2. Be aggressive in your detection and response approach. Sound manufacturing security strategy goes beyond defense to include a strong detection and response approach. A threat actor can breach your perimeter, remaining undetected and execute a devastating ransomware attack in just under five days⁶. That’s why a solid detection and response plan is a game-changer for manufacturers. Defense is critical, but it doesn’t end there. You must be ready to fight back.
3. Practice makes perfect: test your defenses and keep on learning. From routine tabletop drills to required employee security trainings, the goal is complete readiness. This practice also helps create better alignment for your IT, security, and plant/OT leadership. By having synchronicity around how OT expands attack surface and having a comprehensive plan for defense and response, your plant environment will be better positioned to protect operations and ensure long-term profitability.

The face of manufacturing is changing. A once rugged machine is becoming more technologically sophisticated and integrated. Manufacturers have worked hard to build safer plant environments, but now, there’s a new frontier for safety: security. As new systems demand greater coverage from security teams, future-ready manufacturers will strategically improve IT and OT security posture to stay free of incidents. After all, the enemy used to be found in careless mistakes or injuries on site. But today, the enemy today could be as close as the laptop or device in your hand.

As VP of Product, Kyle Falkenhagen leads the Product Management and User Experience teams at Secureworks. Prior to joining Secureworks, Kyle founded two startups and led Product Management, UX, Engineering, and Marketing teams at several Enterprise Cloud and Cybersecurity companies, including DXC Technology, CSC, ServiceMesh, ExoCloud, and NetQoS. Kyle received his B.S. in Computer Science at Texas A&M University.

Sources:

¹ Gartner Market Guide for OT, August 2022

² Gartner Product Leaders Insight, March 2022

³ Age and Tenure in C Suite, kornferry.com

⁴ The Attack on the Colonial Pipeline, CISA.gov

⁵ Cybersecurity Advisories, CISA.gov

⁶ State of the Threat Report, Secureworks, 2022

⁷ Contractors, Temps, and Insider Threats, Secureworks, 2022

Subscribe to Industry Today