Cybersecurity for Manufacturing
The Fourth Industrial Revolution heralds an era of tremendous potential for innovation and growth. It also brings new risks and challenges. And this might be most evident in today’s manufacturing cyber landscape.
A proliferation of cyber threats
Many manufacturing companies are seeing an increase in cyber-related incidents associated with the control systems used to manage industrial operations. These systems can range from programmable logic controllers and distributed control systems to embedded systems and industrial IoT devices. Collectively, these control systems make up the operational technologies (OT) that allow facilities to operate.
​
While the advantages of connectivity include increased levels of productivity, faster identification and remediation of quality defects, and better collaboration across functional areas, they can also multiply the potential vulnerabilities of the smart factory. In fact, the Cybersecurity and Infrastructure Security Agency (CISA) lists 1,200+ known OT system–related security issues, vulnerabilities, and exploits from more than 300 OEMs and system providers. The threat landscape for the systems that control operations of a production facility has proliferated rapidly with the increase in digitization and advanced technologies.
The root cause? IT and OT are out of sync
To gain operational efficiency and assure better customer service, many manufacturing companies are looking to converge IT and OT across their operations. There are a number of areas where people, process, and technology overlap between the IT and OT ecosystems―areas where respective strategies need to be in sync. The reality of these technologies and how they are used, however, is often markedly different.
​
OT system–related investment decisions are often made on the factory floor by leaders within operations, with less involvement from corporate IT and security departments. This can lead to a myriad of different technologies, often with different security control capabilities, that will likely need to be integrated to and then managed using existing IT network infrastructures.
This report explores a few key questions raised by the current risk landscape:
To what extent are cyber threats affecting manufacturers today?
What type and level of risks exist in present-day factories?
How do manufacturers address today’s cybersecurity risks? And how will they address new risks?
How do manufacturers build cybersecurity controls into their smart factory initiatives?
