How to Stay Secure From Cyberthreats Affecting Manufacturers

Instead of worrying about having to shut down the shop because of a cyberattack, or a cyberattack shutting down the shop floor by itself, implement these steps to help improve the security of your business.

Manufacturers are currently going through a digital transformation age, which is changing the technology landscape in the entire industry. Today, manufacturing equipment connected to the network can provide process feedback, predict failure rates, and communicate in real time with a larger manufacturing system. Manufacturers leverage this data from the plant floor to optimize their business.

Unfortunately, this digital transformation is causing manufacturers to increasingly become more vulnerable to cyberattacks. Over the last couple of years, the industry has seen annual double digit increases in the number of attacks on manufacturing systems. We’re transitioning to a period where Industrial IoT (IIoT), Industry 4.0 and IT/Operational Technology (OT) has become the norm in the manufacturing industry, but it’s also leading to major security challenges. IIoT is pushing the convergence of IT and OT where both IT and OT teams need to understand the risks imposed by IIoT devices connecting to the Internet or corporate network and determine how to track and monitor those risks. And Industry 4.0 moves data from complex systems into converged platforms (PLM, ERP, MES, etc.), where some may call the information in these systems “the crown jewels” of their IP. Once that gets hacked, it’s game over for manufacturers.

When it comes to cyberattacks in the industry, there are two major concerns; intellectual property (IP) and downtime caused by breaches. Hackers target manufacturers for their product designs, computer-aided design (CAD) and computer-aided manufacturing (CAM) data, bill of materials and production process information. They also target a manufacturers programmable language controllers (PLCs) and manufacturing execution systems (MES), which are what makes the production line move. A breach into these systems could cause downtime, missed supplier commitments and huge financial losses.

Instead of worrying about having to shut down the shop because of a cyberattack, or a cyberattack shutting down the shop floor by itself, implement these steps to help improve the security of your business.  

Need for increased visibility: It’s crucial for manufacturers to have visibility into their network so they can see and understand threats as they happen. With visibility of the network, the security team can identify when a new device comes on line or a new IP is recognized. It also allows you to identify which device(s) are causing problems, and when a device on the shop floor is talking to another device that it shouldn’t be communicating with. Tools such as security event information event software, and network monitoring applications can aid in real time visibility.

It is time to patch: Let’s say you manufactured a ball joint. Traditionally, there was no need for changes.  The injection molding was the same, the specs, process, and systems didn’t need to change for decades.  Even the PC operating system and patch level stayed the same. Well, now Industry 4.0 is changing all of that. These systems now connect to the internet meaning we need to patch vulnerabilities. Previously, manufacturers were concerned that patching could impact their specific software, so they neglected it.  That isn’t an option anymore. Manufacturers need to patch, test patches against software, and upgrade systems that can’t be patched anymore. 

Connectivity & Collaboration: Many manufacturers have plants across the globe where remote access is necessary. Plant managers need to access the shop floor from anywhere and vendors need access to their machines for diagnostics, performance metrics and updates. Different business units from across the globe need to communicate on one network, in real-time. VPNs, SDWAN, two factor authentication, 24x7 monitoring, and third party security are all topics of consideration now. For organizations with limited teams or skillsets, outsourcing to a vendor may be a viable approach.

Rapid response: Your business is more connected than ever. Even if you follow the tips above, and go above and beyond industry best practices, something is going to happen. It is a matter of time before there is a security incident. Plan ahead. Develop procedures, educate both internal and external teams and make sure they know what to do when a breach occurs, and practice these procedures regularly. If you do not have expertise on hand to deal with a security incident, reach out to a partner to fill any gaps. Partners can help with proactive threat mitigation, threat investigations and threat response. When something happens, timing is key. Having people, processes, and partners in place is key to a rapid response.

The digital transformation age is already here, and hackers aren’t going anywhere. Don’t wait for a breach to happen on your network to make a change. Implementing these key tactics can make a huge difference in your security posture.

Dan Hoban is CSO of Nuspire Networks.

More in Cybersecurity