December 17, 2018
By David Hatchell
As the calendar turns to 2019, continuous and effective manufacturing operations will depend on stronger cybersecurity efforts. The U.S. National Center for Manufacturing Sciences estimated that breaches cost manufacturing companies between $1 million and $10 million. Increasingly, those expensive attacks are coming from different points—externally, in the form of malicious nation states, and internally, from careless or intentionally destructive insiders. In 2019, these attacks will likely also grow in complexity, as hackers become more knowledgeable about how to exploit manufacturing plant vulnerabilities.
Here are three cybersecurity trends that will impact manufacturing in 2019.
Increased risks posed by the Industrial Internet of Things (IIoT)
Digital transformation will flourish—but so will risk levels, which will increase commensurate with the number of connected devices and components as IIoT expands across the manufacturing floor. More people will have remote access to more plant devices, increasing the chance of human error or intentional threats.
Simultaneously, hackers will have a broader and more inviting attack surface underpinned by shared infrastructure, platforms, and applications. Tapping into this surface has the potential to yield significant paydays for enterprising bad actors. We’ve already seen examples of the impact that attacks against industrial networks can have in costly and devastating incidents such as WannaCry, NotPetya, Meltdown, and Spectre.
Both IIoT and IoT will continue to be a source of concern for many organizations. According to a recent Forcepoint survey, 81 percent of our customers identified the disruption of IoT as an important security issue. To prevent disruption, companies must strive to gain greater visibility into their IoT systems. Monitoring users’ interactions with those systems will be a good place to start. For IIoT systems, organizations will need to move from visibility to control where the IT and OT networks converge to protect against deliberate, targeted attacks.
Focusing on users will be increasingly important
In 2018, auto manufacturer Tesla endured a malicious insider attack in which a single employee made source code changes to the company’s Manufacturing Operating System and collected and distributed proprietary Tesla data to third parties. It was a classic example of a physical kinetic attack and data exfiltration perpetrated by a compromised insider trying to corrupt Tesla’s manufacturing process. It was also a sobering reminder that, despite all of the technical jargon associated with cybersecurity, people lie at the heart of all cyber attacks.
But people can also be the greatest bulwark against attacks. That’s why, in 2019, we’ll see manufacturers invest in technologies that take user behavioral patterns into consideration when it comes to security.
In addition to monitoring systems, companies will monitor people’s interactions with those systems. Unlike technology, people and their responsibilities can change over time; a person might get promoted, for example, and have more direct access to sensitive data. Monitoring that user’s behavioral patterns can help indicate whether they have been compromised or are exhibiting questionable behavior that may raise a red flag. Appropriate security measures can be targeted to the individual without impacting the work of others or constraining the availability of the company’s manufacturing tools and processes.
As organizations explore these types of technologies, they’ll want to look at solutions that have been tested in other high assurance IT environments, such as those used by the federal government. Those infrastructures require lofty security standards. Manufacturers would do well to emulate those standards and use similar tools within their own organizations.
More government security guidance for manufacturers
Indeed, the U.S. federal government and manufacturers have much in common. Like manufacturing, the government needs to balance uptime and availability with security. As such, federal agencies have established standards to help them in this effort. In 2019, the government will continue along this path and share its knowledge with the manufacturing sector.
We are already seeing this effort take shape. Consider the National Institute of Standards and Technology’s Smart Manufacturing initiative, which provides programs and recommendations for efficient and secure plant operations, or the Defense Federal Acquisition Regulation Supplement cybersecurity requirements for small manufacturers. Similarly, efforts in other regions, such as Europe, will follow the European Union’s Directive on cybersecurity, prompting more information sharing and reporting.
Manufacturers must do whatever is necessary to reduce risk
The latest data from the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) showed that of the incidents reported, 28 percent were attributed to “unknown.” That’s a large portion of unidentified incidents—a scary proposition.
It’s unlikely that things will get easier in 2019, but manufacturers must do whatever is necessary to get that number down, especially as digital transformation grows, bringing along with it more risk exposure. The government will continue to do its part to help. Manufacturers can do their part by complementing those efforts and recommendations with a focus on the behaviors of their most valuable assets—the people running their operations.
About the Author:
David Hatchell is vice president, Critical Infrastructure, at Forcepoint. A veteran of the technology and security industries, Hatchell formerly led the critical infrastructure practice at Intel/McAfee and Belden. The unit will focus on tailoring Forcepoint solutions to the unique product requirements, challenges, and markets of the critical infrastructure space.