The digital infrastructure which underpins modern manufacturing processes has led to some remarkable efficiency and productivity gains in recent years, and is set to continue to do so moving forward with the artificial intelligence and Big Data revolutions. This Internet of Things must be designed for security to limit the expansion of the attack surface and to manage Enterprise risk. Malicious software can infiltrate operational technology (OT) and threaten manufacturers’ production lines and supply chain.
High-level cyber attacks, such as the recent attack on Colonial Pipeline in the US, have made global headlines. The automotive and tyre industries are just as susceptible to these types of security breaches. In June 2020, for example, Honda was hit by a ransomware that impacted its production and point of sales, interrupting the brand’s ability to serve customers for a time.
Traditional IT security (NextGen Everything) cannot be deployed onto an OT environment without causing disruption to production, at best, or plant downtime
The cost of cyber security breaches for manufacturers cannot be attributed solely to the cost of paying the ransom (which is discouraged). It also comes from production downtime, lost production and scrap, theft of intellectual property, and damage to the company’s reputation, among others.
In manufacturing plants today, there are still many legacy protocols in place that originate from the 1970s and 1980s, when cyber security was much less of an issue. Traditional IT security (NextGen Everything) cannot be deployed onto an OT environment without causing disruption to production, at best, or plant downtime. A proper Defense in Depth (DiD) strategy, adapted to the OT environment, is becoming a must. CISOs of manufacturing companies will have to justify themselves to the Board of Directors if they do not have an OT cyber security strategy in place these days.
A critical first step in the OT cyber security journey is to identify what assets manufacturers have in place. You cannot protect what you cannot see. A manual vulnerability management approach can be a time-consuming process, as it requires information about the vulnerabilities of various devices, from different sources and different vendors, as well as knowledge about how those devices will be impacted.
You cannot protect what you cannot see
Conveniently, dedicated tools for OT exist today, making the process much more automated. These tools will automatically collect data about a plant’s devices and their vulnerabilities in an asset inventory, which is automatically updated in real time. Based on this inventory of vulnerabilities, combined with the intimate understanding of the production process, OT engineers and security professionals can better prioritise their cyber security measures in order to reduce risk.
Regardless of how many DiD measures are put in place, it is also critical to have OT threat detection in real time. If a hacker were to exploit an asset vulnerability, the tool will be able to notice the irregular behaviour and report it. In this way, it allows greater visibility of the OT assets as well as of the threats.
In the fight against cyber crime, plant managers must make use of all available technology to protect vulnerable assets. It is critical to launch the OT cyber security journey: asset inventory and vulnerability management is a good place to start.
The opinions expressed here are those of the author and do not necessarily reflect the positions of Automotive World Ltd.
Pierre Paterni is Business Development Team Lead – Connected Services, EMEA, Rockwell Automation
The Automotive World Comment column is open to automotive industry decision makers and influencers. If you would like to contribute a Comment article, please contact firstname.lastname@example.org