Over the past several years, the manufacturing industry has made steady progress toward improving productivity and performance through digital transformation. While this new approach to manufacturing has proven to be beneficial across the entire manufacturing value chain, these benefits do not come without a price. As manufacturers converge IT and Operational Technology (OT) networks to stay competitive, traditionally isolated and often fragile systems have been suddenly exposed to the potential for data breaches and other threats designed to disrupt operations.
The Manufacturers Alliance for Productivity and Innovation (MAPI) and Fortinet recently teamed up to survey OT leaders managing security at large manufacturing companies. The resulting report sheds light on the state of OT security as technology and digital innovation reshapes how their industry functions.
In the age of Industry 4.0 – the adoption of automation and data exchange in manufacturing technologies and processes, including IoT and the Industrial Internet of Things (IIoT), cloud computing, cognitive computing, artificial intelligence, and cyber-physical systems (CPS) – new challenges have arisen around the convergence of OT and IT. OT, with its specialized teams and control systems, and often unpatched legacy technologies, are suddenly faced with increased exposure as the direct result of increased connectivity. This connection of internal systems with assets outside the traditional boundary of the factory wall has changed the entire OT security ecosystem, leaving IT teams scrambling to protect both company infrastructure and the production environment.
A majority of leaders in the manufacturing space consider OT security to be one of the top five most significant business risks they face today – with more than one-third of those surveyed (39%) finding it to be among the top three. Fortunately, most seem to be acting on these concerns, with MAPI research showing that 83% plan to increase the portion of the company budget allocated for OT security spending. Considering the variety of challenges before them as they work to integrate the two complex environments of IT and OT, this is an essential first step.
Given insufficient resources, inadequate tools or technology, lack of training, and the fast evolution of threats, the barriers to effective response management in OT networks are high and wide. Despite these hurdles, manufacturing leaders are ready to do whatever is needed to elevate and enable cybersecurity best practices as they transition to Industry 4.0. In fact, 94% of those surveyed plan to implement new solutions that will address their OT security risks.
Across the manufacturing sector, most OT leaders agree that the number one area for exposure to these new cyber risks outside the firewall is the cloud, followed by IoT, e-mail, mobile devices, and thumb drives. Those surveyed also agree that e-mail still presents attackers with the greatest opportunity to infiltrate networks.
Even in this time of heightened cybersecurity awareness and training initiatives, phishing continues to be a huge problem. More than half of surveyed companies reported that their OT environment experienced either a phishing or malware attack in the last 12 months. Beyond e-mail, which continues to be the primary attack vector across the entire IT/OT network, security leaders also cite careless insider breaches as the root cause for OT security breaches in almost one-quarter of manufacturing environments in the past year. This specific threat topped bad actor insider breaches, which affected only 19% of manufacturers in the survey.
Additional problems have also surfaced on the IoT front: almost one-quarter of manufacturing companies have experienced mobile security breaches in the past year and one-third have dealt with spyware. None of these attack methods are new players on the general security battleground, but many, especially phishing and malware, are not only getting more sophisticated by the day, but they are new to previously air-gapped OT environments.
When mitigating OT security risks, manufacturers face challenges related to the expanding attack surface as well as an expanding range of repurposed historical and more advanced persistent cyber threats. Despite these challenges, hope is not entirely lost for managing the threat posed by these vulnerabilities. As the manufacturing industry makes its collective shift toward IT/OT convergence, organizations should reassess their cyber programs, ensuring that security evolves alongside other initiatives as part of a single, integrated, security-driven strategy.
As it stands now, the industry as a whole seems to understand the need to be proactive and build resiliency to manage OT security. According to the survey, more than 80% are enacting measures to mitigate risk in the following areas:
Additionally, almost three-quarters of those surveyed have performed a cyber risk audit or assessment of their OT security in the past year.
While resilience is an essential function for both new and existing OT infrastructure, a primary challenge in building it centers on the question of ownership. With changing roles, cross-functional teams, and increased collaboration comes complex reporting relationships and unclear ownership. Departments, teams, and individuals who were formerly siloed in the days before Industry 4.0 must now learn to speak the same language, in spite of the fact that they often have competing objectives. CISOs, CTOs, IT Architects, CIOs, Plant Managers, Network Analysts, and others must come together and not only find common parlance across issues such as confidentiality (the top priority for IT) and availability (the top priority for OT, along with the physical security of plant employees), but also find ways to work together to strengthen their corporate security posture to realize a more resilient future.
To get the most out of today’s expanding digital business model and to create value in the age of Industry 4.0, manufacturers have to address the critical issue of OT security. They should start by thinking about structuring their digital environment from a security perspective – a security-first approach – by promoting a culture of collaboration. Finally, creating an ideal environment for OT security – one of greater visibility, control, and continuous monitoring – will help manufacturers secure their new, converged IT and OT networks.
Learn how Fortinet can help you extend security from the data center, to the cloud, and to the network perimeter in even the toughest of ICS/SCADA environments.