Industry’s Media Platform of Choice
Champion Your Brand in Front of Decision Makers and Extend Your Reach Get Featured in the SPOTLIGHT
Industry’s Media Platform of Choice
Champion Your Brand in Front of Decision Makers and Extend Your Reach Get Featured in the SPOTLIGHT
Volume 27 | Issue 1
Click here to read the complete illustrated article or continue below to read the text article.
By Ahmik Hindman, Senior Network & Security Solution Consultant at Rockwell Automation
The manufacturing industry is undergoing a digital transformation, driven by the adoption of smart manufacturing technologies such as the Industrial Internet of Things (IIoT), cloud computing and AI. The rise of connected devices and the convergence of IT and OT have expanded the attack surface for cybercriminals, making manufacturers prime targets for cyberattacks from inside and outside of their organizations. For OT environments, more than 80% of threats come from outside the organization, while internal personnel unintentionally open the door for threat actors in 33% of incidents.
Further complicating the industry is the evolving regulatory landscape. The U.S. has enacted stricter cybersecurity regulations like the Biden administration’s National Cybersecurity Strategy Implementation Plan and the SEC’s new rules on cybersecurity reporting to better protect critical infrastructure and organizations. However, maintaining compliance can be challenging for smaller manufacturing companies with limited resources, as well as large manufacturers with operations spread across the globe.
Cyber threats are continuing to grow in sophistication and frequency. The manufacturing industry has witnessed a staggering 107% surge in cyberattacks since 2021. Breaches can also have costly impacts on critical infrastructure and manufacturing systems from downtimes, ransomware and rippling effects beyond the organization itself. Some high-profile examples from recent years include the 2021 ransomware attacks on the Colonial Pipeline, which caused widespread fuel shortages across the U.S., and on the JBS USA Meat Processing Company, which caused global meat shortages and prices spiking.
The growing number and vast impact of these breaches on the manufacturing sector are a wake-up call for organizations to have a comprehensive cybersecurity strategy in place to safeguard operations and critical infrastructure. That’s why the National Institute of Standards and Technology (NIST) developed its Cybersecurity Framework (CSF). Organizations can leverage this widely recognized and adaptable framework to better understand and improve their management of cybersecurity risk.
Recognizing the changing cybersecurity landscape, NIST released the public draft of the NIST Cybersecurity Framework 2.0 in mid-2023. The goal of the proposed changes in the 2.0 framework is to help increase clarity and alignment with national and international cybersecurity standards.
The NIST 2.0 updates will have many implications for manufacturers, requiring manufacturers to adapt their cybersecurity strategies to address growing complex threats and comply with evolving regulations. While the CSF is a voluntary framework, noncompliance can lead to hefty costs for manufacturers. This can include costs from unplanned downtime, cyberattacks or ransomware during downtime, and the immeasurable loss of trust from employees, customers and stakeholders.
The NIST 2.0 CSF updates help manufacturers safeguard their cybersecurity posture. While the updates illustrate a constantly changing cyber environment, it may be tough for manufacturers to adapt or even know where to begin in complying with the updates. Below, we will outline the core functions of the NIST CSF: governance, identify, protect, detect, respond and recover. These core elements of NIST 2.0 also act as steps manufacturers can take to help protect their organizations before, during and after a potential attack.
1. Governance
A key addition to NIST 2.0 is the governance category, which previously existed under the “identify” category. This addition shows an evolution and willingness to adapt as needed. The governance step elevates the importance cybersecurity risk management plays in business and compliance outcomes, as it provides organizational context in developing a risk management strategy. In this stage, roles and responsibilities are outlined and policies and procedures are put in place to ensure that teams know what to do in all steps before, during and after a breach.
2. Identify attack vectors and points of vulnerability
You can’t protect what you can’t identify. That’s why the identify function of the NIST Cybersecurity Framework is a great place to start, as it’s focused on laying the groundwork for an effective cybersecurity program. This function helps organizations develop a full understanding of their entire threat landscape, including all systems, people, assets, data and capabilities associated with an environment.
3. Protect environments
Once you’ve identified potential vulnerabilities across the organization’s cybersecurity environment, you can better protect your organization against those vulnerabilities. This involves deploying technologies that protect IT and OT environments, including firewalls, Industrial Demilitarized Zones (IDMZ), network segmentation, role-based access control, Zero Trust and patch management.
4. Detect an attack as it’s happening
After identifying assets with potential vulnerabilities and deploying tactics and tools in the protect phase, detection is a critical next step. Even if an organization has deployed extensive technologies to protect its environment, OT landscapes are constantly changing. Keeping up with detecting vulnerabilities in real time is a crucial investment for organizations to make. Manufacturers must be prepared to leverage Intrusion Detection Systems (IDS) to detect an attack when it arises. Organizations must be able to identify new assets coming into their environments on a regular basis, and real-time detection helps organizations understand active threats and their priority.
5. Incident response
When an attack happens, proper response is important to mitigate losses. Organizations must act swiftly and decisively to contain the attack, minimize its impact and restore normal operations. This is a challenging step, as organizations must get their IT and OT teams together to understand and decide how to respond when something happens. This collaboration enables organizations to gain a comprehensive understanding of the attack, identify its root cause and implement appropriate containment measures.
6. Recover operations
The recover function of the NIST Cybersecurity Framework refers to developing and implementing a plan to restore normal operations following a cybersecurity event. This step encompasses a range of activities, including system restoration, data recovery, process resumption, stakeholder communication and lessons learned analysis. These activities work together to help ensure that affected systems are brought back online, data and OT systems are restored to their pre-incident state and stakeholders are kept informed throughout the recovery process.
As the manufacturing industry continues to shift over time, cybersecurity frameworks must also change to adapt to the rising sophistication of potential threats. Manufacturers must take a proactive approach to protect their critical assets, maintain compliant operations and ensure their organizations’ resilience.
Cybersecurity is an ongoing process that requires continuous vigilance and action. By implementing a comprehensive cybersecurity strategy that aligns with the NIST 2.0 CSF approach, manufacturers can effectively identify and protect their environments, detect and respond to threats. This framework also ensures that organizations can recover from threats and maintain organizational governance to be ready for the next inevitable threat.
Ahmik Hindman is a Senior Network & Solution Consultant with more than 26 years focused on industrial control systems, with the last five years focused on IACS networks and cybersecurity. Ahmik holds a BS EE, MBA-IT, CISSP, CCSP, CCNA, Security+, NSE 3, and several ISA/IEC 62443 cybersecurity certifications.
Made To Stay: Attracting Gen Z Into Manufacturing
A childhood in Kansas, college in California where she met her early mentor, Leigh Lytle spent 15 years in the Federal Reserve Banking System and is now the 1st woman President & CEO of the Equipment Leasing & Finance Association. Join us to hear about her ambition to be a great leader.
Get In Touch
Google news and SEO compliant, Industry Today’s state-of-the-art digital media platform offers bespoke media campaigns that target key decision makers and buyers to achieve your marketing and promotional goals.
Contribute
Showcase your brand and promote your business to our highly targeted audience. We offer detailed Google Analytics with measurable ROI to assure success. Submit your content for review by our Editorial team who will contact you to discuss the project further.
About Us
Reach Your Targeted Audience and Grow Your Business. Learn more About Industry Today.
Contact Us
© 2024 Industry today. All Rights reserved.
