With the rise of IT/OT convergence, companies must stay vigilant.
by Jonathan Nguyen-Duy, vice president of strategy and analytics, Fortinet
Companies that manufacture goods are now able to collect and leverage massive stores of data to gain valuable business insights into such things as customer demand, inventory management, and competitive differentiation. With advanced analytics, they can learn what it takes to stay lean and agile, such as integrating IT with operational technology (OT), to accelerate innovation, improve productivity, and enhance user experiences.
While these digital transformation initiatives may look familiar, the unique challenges associated with manufacturing require solutions that are specific to manufacturers. According to Fortinet’s recent State of Operational Technology and Cybersecurity Report, almost three-quarters of companies in the manufacturing sector experienced a breach over a 12-month period. Cyber incidents such as these can derail any progress that leaders may have gained through digital transformation. Similarly, customer and employee experiences are another facet of business that must be safeguarded. And for manufacturers particularly, employee and public safety along with compliance are chief concerns, which can complicate the security element even more.
The Challenges of Managing Manufacturing Cybersecurity
Security teams must keep these considerations top-of-mind while creating consistent security strategies and policies and deploying security tools. It can be an overwhelming prospect, but with the right solutions – especially with security tools designed for industrial applications to interoperate as a single system – busy security professionals can have it all: cybersecurity best practices and streamlined, centralized control of security processes that do not compromise performance.
When selecting solutions for their organization, security teams must consider security tools designed to address the following challenges.
A complex supply chain – The manufacturing industry’s supply chain is a growing risk. Supply chains are increasingly interconnected, creating more network edges and exposing each party to the deficiencies of the weakest link. This gives cybercriminals an opportunity to exploit gaps in visibility, awareness and control to breach networks, move between suppliers and manufacturers, and compromise everything from software to firmware for consumer products – a growing challenge in the IoT space. And as organizations increasingly automate things like inventory management, and tiers of suppliers continue to deepen and expand, supply chain risk management can actually become more elusive. Complexity can actually reduce security. Organizations need not only real-time inspection of data – especially software provided by third-party vendors – and secure connections between suppliers, but also broad visibility into networks and systems and centralized security management to detect and respond to threats.
Lack of a standardized approach for handling manufacturing cybersecurity – As it stands now, there is no uniform method used across the manufacturing sector for risk assessment and monitoring – at least, not without negatively impacting operations. Companies must rely upon best practices or even invent their own wheel when they create cybersecurity strategies, choose and deploy tools, and perform ongoing monitoring and maintenance functions. To start, security solutions should employ open standards and APIs to ensure interconnectivity between security solutions. These security tools should also understand essential OT protocols and support the unique security challenges of OT devices and networks.
The convergence of OT and IT – For security, availability and safety reasons, OT networks were previously not connected to the internet. Indeed, they were completely isolated – air-gapped from IT networks. As a result, securing these controlled, isolated environments was less complex. The convergence of OT and IT networks has changed that, increasing the exposure of critical OT systems to risk as they become more connected to the internet. Industrial Control Systems (ICS), for example, used to be offline. But now that they are connected, they are exposed to a threat landscape that grows in sophistication each day. Today, ICS are targets for threat actors who conduct cyber warfare and espionage, as well as those who just want to create chaos.
Employee safety – People who work in manufacturing are exposed to more risk of bodily harm than people in other sectors. Industrial production equipment, pressurized boilers, furnaces, assembly systems, and toxic chemicals in the warehouse and production environments mean that some employees work in a sea of risk. As a result, cyber attackers who disrupt systems not only interrupt business-critical operations but can cause a breakdown in the safety protocols set in motion by safety officers, putting workers at risk when systems go down or do not work properly.
Compliance – Manufacturers must be able to validate and track a variety of regulations to stay compliant. The fines for non-compliance can be crippling. There are also more subtle consequences of non-compliance, such as damage to the brand reputation or market capitalization. So it is worth investing in a solution that helps automate these mundane but important tasks.
Product integrity – Speaking of brand reputation, a security incident that impacts production can also result in product degradation. Any disruption in production has the potential to do much more damage than simply slowing down time-to-market. Cyber sabotage is designed to compromise the quality of a product, resulting in negative feelings towards the brand as a whole to either reduce the brand value or create an opportunity for a competitor. Or both.
Protecting the customer experience – The customer-first culture is not just for companies that sell directly to consumers. It now extends to the business-to-business world, where companies engage with their customers on social media and via chatbots on their websites for better customer service. A cyberattack that in any way limits or degrades the customer experience can alarm customers and may cause them to seek out competitors for better service. Securing websites and teaching employees about social media security best practices are critical parts of the manufacturing cybersecurity endgame.
A Checklist for Manufacturing Cybersecurity Solutions
When researching security solutions for their organization, IT leaders should seek out the following differentiators for manufacturing cybersecurity:
- Integration: The solution should work across the entire network, providing end-to-end support for protection, detection, and response. It should also integrate with OT to help drive a consistent security culture.
- Streamlining: Any set of security solutions should enable the streamlining of data into a simplified view so leaders can make data-driven decisions.
- Edge visibility: Security should provide visibility into not just the core network, but also include coverage of new technologies like software-defined wide-area networking (SD-WAN) and the Internet of Things (IoT). It should also minimize expenditures on new hardware and licensing costs.
- Insider threat protection: Employees and vendors, whether through intention or accident, can be the weakest link in the manufacturing cybersecurity environment. Any chosen solution should address this problem with intent-based segmentation, access management, identity management, and behavior-based analytics that aim to improve bad cybersecurity habits. Finally, it should support cyber counter-espionage so attackers can be tricked into revealing their identities.
- OT considerations: Any solution should also be able to address the unique challenges of securing OT, ideally by leveraging Artificial Intelligence to identify advanced threats.
- Manufacturing-specific hardware: Any solution under consideration should also provide ruggedized appliances that operate without fans so hardware can be protected whether deployed in the field or on the manufacturing floor.
Digital supply chains, globalization, tighter compliance standards and an increased focus on the customer experience are just a few of the challenges that manufacturers face in the digital era. To address these challenges, leaders must build their networks with security in mind from the start. They must stay on top of known and unknown threats. They also must seek out solutions that give them the tools they need to address all of these challenges from an integrated, centralized dashboard that simplifies and streamlines cybersecurity.
Jonathan Nguyen-Duy is vice president, strategy and analytics at Fortinet, where he focuses on emerging technologies and key partnerships. He has unique global government and commercial experience with a deep understanding of threats, technology, compliance and business issues. Nguyen-Duy holds a BA in International Economics and an MBA in IT Marketing and International Business from the George Washington University.