Cybersecurity company Trend Micro released on Monday details from a recently concluded survey that analyzed the current state and challenges facing industrial cybersecurity, especially in securing manufacturing and smart factories. It looks into the importance of industrial cybersecurity within these environments across the U.S., Germany, and Japan.
The study, “The State of Industrial Cybersecurity – Converging IT and OT with people, process, and technology,” aims at highlighting the challenges from the perspective of people, process and technology, the implementation rate of cybersecurity technical measures, and the status of collaboration between the operational technology (OT) and the IT environments within these organizations.
As manufacturing and smart factories around the world are implementing digital transformation to survive and continue to grow, cybersecurity threats have become a top concern, Trend Micro said. The key to moving forward is to improve asset visibility, identify the risks, and set goals within the IT and OT environments. Apart from this, manufacturing companies must also understand the differences between the IT and OT structures, and involve the people, processes, and technology from the two environments to come together and deliver better industrial cybersecurity, it added.
IT/OT convergence has been an important issue for a long time, as there were inconsistencies not only in technology and the environment but also in people and processes. The survey provides insights into the importance of bridging IT and OT by comparing the benefits of each. As manufacturing companies play a part in the global supply chain, Trend Micro scrutinized the differences found among the three countries.
Most of the companies surveyed have experienced emergency cybersecurity incidents at their industrial factories. In the survey, 61 percent of manufacturers said they experienced a cybersecurity incident in their factory, while 75 percent of the companies reported that they have experienced an incident that caused a production outage. In addition, 43 percent of companies said that production activities had been suspended for more than four days as a result.
These incidents are not uncommon and have a direct impact on production activities, which means that manufacturers must recognize the need for cybersecurity in factories, Trend Micro reported.
In its report on smart factories, Trend Micro identifies the prevalence of legacy systems as a challenge faced by people and processes. Overall, the results show that companies have more technical challenges than issues with people or processes. Specifically, they are struggling to find effective ways to protect their factories, adapt to their environment, and mitigate the negative impact on their regular operations.
When comparing IT and OT respondents, the ratio of concern for technology ranks relatively the same, while OT are concerned about issues surrounding people and processes more than IT. In particular, it can be said that the OT teams find it difficult to take inventory of their assets according to importance, identify threats and vulnerabilities in factories, and set security target levels.
“Manufacturing organizations around the world are doubling down on digital transformation to drive smart factory improvements,” said Akihiko Omikawa, Trend Micro’s executive vice president of IoT security, in a press statement. “The gap in IT and OT cybersecurity awareness creates the imbalance between people, process and technology, and it gives bad guys a chance to attack.”
The number of IT/OT/IoT systems connected to the internet has grown exponentially over the last decade. “We are seeing a higher dependency on remote monitoring and remote management to better ensure business continuity,” according to Klaus Glatz, Andritz’s chief digital officer.
Andritz has a joint-venture with OT cybersecurity company OTORIO that provides an industrial-native cybersecurity platform, called RAM2, short for Risk Assessment, Monitoring & Management. The platform comes with ‘built-in security DNA’ that ensures that each delivery will meet the market’s highest security standards.
While digitization is expanding rapidly, most companies do not have yet an integrated approach to operational security, often leading to attempts to try and retrofit IT systems for OT security. Unfortunately, as the OT framework follows different processes and requires different risk management than IT, these solutions often fall short of the mark.
“In a multi-generational, constantly changing threat environment, customized OT cybersecurity measures are an imperative part of the automation development process,” said Gerhard Schiefer, head of Andritz Automation.
Growing cyber threats in manufacturing and smart factory operations continue to proliferate leading to a need for better cyber preparedness of manufacturers to protect against not only current threats but also new threats and vulnerabilities that digital technologies create. Manufacturing organizations should invest in a holistic cyber management program that extends across both IT and OT environments to identify, protect, respond to and recover from cyberattacks, according to a recent Deloitte survey.
“Strong cybersecurity is the foundation for a resilient company. With effective cyber risk management for smart factory initiatives, manufacturers can capitalize on the upside potential the Fourth Industrial Revolution brings and prevent themselves from becoming a victim of a future cyberattack,” Deloitte added.
As control systems cybersecurity expert, Joseph M. Weiss points out, “The culture gap between engineering and network security is alive and well. It is a gap that must be closed to help all industries with production equipment that are networked.”
In its final recommendations for manufacturing and smart factories, Trend Micro proposes a three-step approach that consists of prevention, detection, and persistence. By aiming at reducing threat intrusion risks at data exchange points like the network and DMZ, the security risks brought into the industrial framework can be greatly decreased. Proper detection of cyberattack activities in OT environments is also vital. Finally, persistence in protecting the industrial network security and industrial endpoint security will help in protecting critical assets from cyberattacks.