October 16, 2023 Cybersecurity Transformation in Manufacturing

Continued cyberattacks have moved the critical infrastructure sector to take on a “never trust, always verify” Zero Trust philosophy.

By Navneet Singh, vice president of marketing, network security, Palo Alto Networks  

Digital transformation and connectivity in operational technology (OT) environments offer great promise. Unfortunately, they also increase the potential attack surface for cyber criminals to prey on – and that’s especially true when it comes to remote workers.

As IT and security leaders in manufacturing organizations navigate this challenge, they can look to a Zero Trust model – a widely adopted strategic approach within  cybersecurity that focuses on  eliminating implicit trust and continuously validating every stage of a digital interaction. This offers a useful framework for securing assets, networks, and remote operations across plants and remote sites. 

Grappling with remote access

OT networks are full of devices that weren’t built or designed with security in mind. OT systems often have legacy technologies that are unseen, untouched and unpatched. This makes securing manufacturing environments especially challenging.

Compounding these factors is the fact that manufacturers increasingly need to give access to remote workers – including employees, partners and vendors – and they are all accessing facilities, data and devices from potentially anywhere in the world.

Most industrial control systems (ICS) and SCADA assets have external connections. For example, some third-party vendors  access OT networks remotely in order to provide essential maintenance, updates and support for industrial equipment and systems. This remote access enables efficient troubleshooting, software updates, and timely responses to issues – while also minimizing downtime and ensuring the continuous operation of critical infrastructure. However, this also adds another threat vector. And ICS and SCADA systems have become bigger targets for bad actors, with more than 40% of global ICS systems experiencing some kind of cyber-attack in 2022.

Building a Zero Trust environment in manufacturing

One benefit of a Zero Trust approach is that it creates a connectivity-agnostic environment that helps build a comprehensive inventory of connected devices and alerts security teams of cases that deviate from normal network behavior. A Zero Trust framework makes it easier for companies to secure their remote workers within a wide range of functions and responsibilities. That’s because it offers a standardized way to protect all the many devices and sensors inside and outside a plant. 

Here are some of the basic principles around Zero Trust and how they can help manufacturers: 

• Start with comprehensive visibility:  Know and assess your OT threat surface with accurate visibility across the entire footprint of your organization. You can’t secure what you can’t see.
• Deploy segmentation and least-privilege access control: Separate your OT networks from corporate IT and the internet, and ensure every user only has access to what they need to get their job done.
• Practice continuous trust verification and security inspection Ensure you have a security system that continuously inspects all network traffic  and validates the security posture of all of your OT assets, users and applications.

How manufacturers can improve remote ops via Zero Trust  

Manufacturers have a lot to lose if they can’t solve these connectivity, access, and authentication issues. Think of the potential damage in Oldsmar, Fla., in 2021 when a plant operator noticed that someone remotely accessed the computer system he was monitoring. After gaining access to the network, the sodium hydroxide levels in the city’s water increased from 100 parts per million to 11,000 parts per million, a potentially dangerous increase. Fortunately, the plant operator noticed the dramatic change and reversed the increased amount of sodium hydroxide. Regardless if it was a direct action by a threat actor or a mistake by a well-meaning employee, the impact could have been deadly, so maintaining vigilance is critical.”

A comprehensive Zero Trust solution can help with:

• Secure access for all remote workers. A Zero Trust framework applies not just to workers in the plant, but all remote employees, be they internal salespeople, design engineers, or business partners and other third parties. This is especially important as third-parties, such as contractors, may be using unmanaged devices.
• Consistent management and access. Network administrators have one system to manage, and users have one interface to learn across all IT, OT, and cloud applications. This reduces errors and potential data leaks by ensuring that users access only the data and applications they need for their jobs.
• Continuous security inspection: Complete Zero Trust ensures that in addition to access control, advanced and continuous security inspection prevents threats while allowing legitimate traffic.

It can also help with a company’s bottom line, because it ultimately helps  reduce the cost, time, and negotiations associated with purchasing, deploying, and operating a distributed remote access environment.

Securing the future of remote work in manufacturing

We are now many years from the old Cold War axiom during the Reagan administration of “trust, but verify.” From individual companies to the country’s leadership, it’s clear that zero trust principles have become critical and we should “never trust, always verify.”  As manufacturers expand their operations and take on more remote workers, it’s nearly impossible for IT and security leaders to manage all the technical challenges without embracing zero trust. Remember that it’s a journey that will take months, even years, but with the right leadership, manufacturers can get there.

Subscribe to Industry Today