Cybersecurity: In Need of Evolution

"One critical need is to evolve from having a predominantly reactive attitude and approach to cybersecurity."

Jeff Reinke
Jan 24, 2019
Protection Background Technology Security 524882074 701x502 (1)

The dynamics of industrial network security create an environment that is unique on a number of fronts. Diverse data origins and applications, inconsistent internal networking strategies, and the reluctance of many to truly appreciate the breadth of the isse can make cybersecurity a daunting task. IEN recently sat down with Andrew Kling, senior director of cybersecurity and system architecture at Schneider Electric to discuss some key strategies that can help the industrial sector grow and improve an area that impacts all facets of the enterprise

Jeff Reinke, IEN: How would you describe the current state of cybersecurity in the industrial sector?

Andrew Kling, Schneider Electric: In need of evolution. Particularly in the advent of the digital transformation and Industrial Internet of Things (IIoT), cybersecurity can no longer be an afterthought; there’s too much at stake both financially and operationally. We must look beyond competitive lines and collaborate globally via information sharing to up-level risk awareness and prepare together to ward off the looming threat of cyber-attacks.

It’s a global threat that impacts not just those directly tied to the industrial sector, but anyone at risk of an attack – the entire global population. One critical need is to evolve from having a predominantly reactive attitude and approach to cybersecurity.

JR: What is some of the low-hanging fruit for manufacturers when it comes to cybersecurity? Where do they need to start?

AK: We can’t emphasize enough the importance of engaging with a team that can provide a professional site security assessment. Cybersecurity threats evolve daily. It’s a process that will never have a completion date as things change and new threats pop up constantly.

Manufacturers must look beyond the status quo they have done for years and engage with external experts who can continually monitor and suggest process changes to ward of the latest threats. Other specific recommendations to strengthen site security practices includes:

  • Look to your facility’s supply chain. Demand cybersecurity awareness from your suppliers.
  • Apply and maintain documented procedures provided by systems, solutions and software suppliers.
  • Be aware of industry cybersecurity standards and implement and adhere to these standards.
  • Make security part of the operations lifecycle, including strong employee training.

JR: Where does the industrial sector struggle the most? Why?

AK: The struggle is with consistency, once the initial proactive steps are taken. Or, post-incident when the dust has settled and there’s an urge to be lulled back into a false sense of security given the heightened attention to prevention that happened immediately post attack. Resources will be plentiful in the immediate wake of an attack, but once the incident has passed, maintaining the proper level of resources can be an uphill battle.

A continuous assessment of the ever-evolving security risks and a plan to address them is essential to leveling out preparedness. Having a proactive program, inclusive of a regular security assessment process, can lessen the risk of an attack and make it much easier to keep a security-focused program alive.  

JR: The connected enterprise has broken down a lot of silos between operations, IT, procurement, etc. What silos need to be broken down for industrial cybersecurity to improve?

AK: There needs to be more perspective into each other’s worlds by security professionals in operations, IT, procurement and all areas of the business. IIoT and the general digitization movement requires manufacturers to unify their operations and business processes. One way is by bringing the IT functions historically controlled within the business closer together with the operational technology (OT) functions that historically controlled the manufacturing process.

The plain truth is that these two groups already share the cybersecurity risks. These are the  benefits of more connected and intelligent devices that allow for better visibility and control of more than just the real-time efficiency of operations. Plant managers now can also control other critical business variables in real-time, including safety, reliability and operational profitability. Just remember, with this improved connectivity and all of the associated benefits, come shared cyber-risks between those connected parts of the business.

JR: What element of employee involvement needs to be improved to make cybersecurity better?

AK: Organizations should promote general cybersecurity awareness by providing regular and ongoing employee training focusing on the detection of potential risks such as phishing and appropriate network use. Basic cybersecurity knowledge is a requirement for all employees in today’s business environment. Also, IT and OT professionals must regularly be trained to understand the cybersecurity risks and the best preventative steps possible when maintaining company assets.

JR: Looking forward, what is the biggest change that needs to occur in order to optimize industrial cybersecurity?

AK: Awareness of how great the risks are and a willingness to look beyond a single organization’s situation, and work toward the greater good of cybersecurity collaboration, information sharing and prevention. We are facing a new reality and geopolitical climate where malicious actors have unlimited time, resources and funding to carry out cyber-attacks. The only way to address this behemoth threat is alliance and cooperation against growing threats. 

Latest in Home
Manufacturing Business Management
Sponsored
Manufacturing Business Management
April 17, 2024
President Joe Biden speaks at a campaign event, Tuesday, April 16, 2024, in Scranton, Pa.
Biden Seeks Higher Tariffs on Chinese Steel
April 17, 2024
People watch the sunset at a park on an unseasonably warm day, Feb. 25, 2024, in Kansas City, Mo.
Study: Climate Change's Economic Bite Will Hit $38 Trillion a Year
April 17, 2024
An airplane flies over a sign on Boeing's 737 delivery center, Oct. 19, 2015, at Boeing Field in Seattle.
Boeing in Spotlight as Congress Calls Whistleblower to Testify About Plane Defects
April 17, 2024
Related Stories
Out Of Office Written In Speech Bubble, Winter, Christmas Vacation Concept 1333583899 1154x914 (1)
Home
No MBT Newsletters Until Jan. 3
Mbtmag com Why Industry Specific Erp Systems
Home
Why Industry-Specific ERP Systems are Essential in Today’s Economy
Out Of Office I Stock 1075416202 5efe1da207e14 5fe278ce57373
Home
Heads Up: No MBT Newsletters Until Jan. 4th
All-In-One Manufacturing Management
Sponsor Content
All-In-One Manufacturing Management
More
Intuitive and Flexible Manufacturing ERP
Sponsored
Intuitive and Flexible Manufacturing ERP
Acumatica looks to offer new solutions.
April 17, 2024
President Joe Biden speaks at a campaign event, Tuesday, April 16, 2024, in Scranton, Pa.
Operations
Biden Seeks Higher Tariffs on Chinese Steel
He wants to triple tariffs on steel from China to protect American producers from a flood of cheap imports.
April 17, 2024
People watch the sunset at a park on an unseasonably warm day, Feb. 25, 2024, in Kansas City, Mo.
Operations
Study: Climate Change's Economic Bite Will Hit $38 Trillion a Year
By 2049.
April 17, 2024
An airplane flies over a sign on Boeing's 737 delivery center, Oct. 19, 2015, at Boeing Field in Seattle.
Quality Control
Boeing in Spotlight as Congress Calls Whistleblower to Testify About Plane Defects
The whistleblower's lawyer says Boeing has ignored the engineer's concerns and prevented him from talking to experts about fixing the defects.
April 17, 2024
Ap24108405133403
Operations
Tesla Wants Shareholders to Reinstate $56 Billion Pay Package for Musk
It was rejected by a Delaware judge.
April 17, 2024
Ep148
Video
Conagra to Close Wisconsin Plant, Lay Off Over 250
The company says it can meet its business needs by making its products in fewer facilities.
April 16, 2024
People are seen aboard the container ship Dali, Monday, April 15, 2024, in Baltimore.
Quality Control
Ship That Caused Bridge Collapse Had Electrical Issues While Still Docked
Alarms went off, indicating an inconsistent power supply.
April 16, 2024
Boeing employees walk the new Boeing 787-10 Dreamliner down towards the delivery ramp area at the company's facility after conducting its first test flight at Charleston International Airport, Friday, March 31, 2017, in North Charleston, S.C.
Operations
Boeing Pushes Back on Whistleblower's Allegations
The company detailed how airframes are put together.
April 16, 2024
I Stock 1282301044
Quality Control
For Tracking Customer Feedback, Product Roadmaps are Key
Actually recording and consolidating customer feedback can be tricky, but thankfully, there are some technological solutions that can help you.
April 15, 2024
I Stock 1220068378
Operations
How the De Minimis Loophole Has Crippled Industries
Most Americans don't even know about it.
April 15, 2024
Ep147tn
Video
Tesla to Cut More Than 10% of Workforce
That's 14,000 jobs, or more.
April 15, 2024
Tim 165
Video
Quaker Closes Plant; Philips Must Overhaul Production; Russian Airplane Part Scheme | Today in Manufacturing Ep. 165
Also on the podcast, largest global wood pellet supplier bankrupt, GM drops base hummer, VW's badge tech prevents animal strikes, new farm forecasting app and AI solution bridges industrial maintenance skills gap.
April 15, 2024
Ap24103728113698
Operations
U.S. Steel Shareholders Approve Takeover by Japan's Nippon Steel
President Biden has come out in opposition to the deal.
April 15, 2024
Ap24106105666614
Operations
White House to Provide $6.4B to Samsung for Making Computer Chips in Texas
Samsung's cluster in Taylor, Texas, would include two factories that would make four- and two-nanometer chips.
April 15, 2024
Ep146
Video
Walmart Turns to Autonomous Robot Forklifts
The robots will take over much of the manual labor on warehouse loading docks.
April 12, 2024