President Obama recently released a Cybersecurity National Action Plan (CNAP), which clearly demonstrates that the cyber landscape is laden with threats capable of wreaking havoc on the United States, in terms of its national security, economy and continuity. The manufacturing sector is a critical component of the United States’ functioning and prosperity, which is a reality that CNAP should seek to address in three ways, which are alluded to in the proposal. Government action can benefit the manufacturing industry by: 1) raising awareness of critical industry trends, threats and real-life cyberattacks; 2) encouraging companies to adopt best practices; and 3) improving the testing of existing industrial environments, which will enable organizations to create more effective cybersecurity plans.
Raising Awareness
New technologies offer manufacturers revolutionary opportunities. The Industrial Internet of Things (IIoT), for instance, provides companies with unprecedented improvements to their industrial networks by reducing costs and improving productivity. However, as with other new forms of technology, IIoT brings new challenges with it. When industrial networks connect to external environments, such as a corporate network or the Internet, manufacturers place themselves at critical risk. Yet, many of them remain unaware of the potential damage their vulnerabilities could cause. President Obama’s plan could help educate industry professionals and leaders about the threats to manufacturing production environments. Moreover, instituting national standards will raise the minimum level of cybersecurity awareness and preparedness.
Implementing Best Practices
The general population and every member of the manufacturing community can benefit from raising the standard of cybersecurity. When manufacturers fail to use the best cybersecurity measures, they put themselves at risk, which also puts the general population at risk. Just imagine the amount of damage that would occur if a critical drug was tampered with, or suffered from production downtime. Standards themselves should be raised to include the most use up-to-date cybersecurity techniques, ranging from passive monitoring of operational technology (OT) to IT/OT isolation. According to the White House, CNAP will “double the number of cybersecurity advisors available to private-sector organizations with in-person, customized security assessments and implementation of best practices.” In addition, encouraging companies to adopt industry standards would help manufacturers establish a more resilient cybersecurity position.
Assessments and Adjustments
One of the biggest challenges that manufactures face in securing mission critical systems is analyzing what needs to be protected, in addition to identifying existing flaws and vulnerabilities. On this matter, CNAP calls for the establishment of a National Center for Cybersecurity Resilience that will provide manufacturers with contained environments, within which they will be able to test their security solutions. For instance, companies will be able to build replicas of their industrial networks and subject them to the same attacks placed against them by the most threatening cybercriminals.
A secure, effective manufacturing industry helps ensure the ongoing prosperity of the United States. President Obama’s new proposal should seek to work across the industry to address the myriad cybersecurity threats facing manufacturers. The welfare of American citizens and American manufacturers hangs in the ongoing battle against cybercriminals.
About The Author: Yoni Shohet is a cybersecurity expert and the Co-founder & CEO of SCADAfence, which develops next-generation cybersecurity solutions for the critical infrastructure and manufacturing industries.