In this time of Industry 4.0, smart factories, cloud and Internet of Things (IoT), manufacturers’ traditional approach to operational technology (OT) security – air gapping – doesn’t work. In fact, in many cases, separating IT and OT isn’t good for overall business protection.
Connected OT devices, which often don’t have built-in security controls, are low-hanging fruit for threat actors. They can exploit vulnerabilities, get in and disrupt production lines, steal intellectual property and/or go through OT to get to the IT network. For example, one route to sensitive data is through OT devices that aren’t patched, run on unsupported hardware and link to other parts of the network. In this situation, threat actors can get in and move laterally. Another example is an intruder that exploits a vulnerability to move from the factory floor to the website through an infected laptop.
Security controls commonly used for IT networks are not widely adopted by OT. According to one study, while 90 percent of manufacturers surveyed report capabilities to detect cyber events, very few companies today have extended monitoring into their OT environments, and fewer than half of manufacturers surveyed have performed cybersecurity assessments within the past six months.
Consider the success rate of attackers – 4 in 10 manufacturers indicated their operations were affected by a cyber incident in the past 12 months. Without modern “detect, respond, protect and prevent” security controls guarding OT, manufacturers are at risk. Nuspire research indicates top manufacturing threats include ransomware, directory traversals, web scanners, cross-site scripting and remote code execution attempts.
Fortunately, these threats can be detected and stopped. We recommend three fundamental cybersecurity controls for both IT and OT:
Updating OT security does more than protect the production floor and the IT network. Since the start of the pandemic, business priorities have changed. The top post-COVID 19 enterprise priority is resilient business operations whereas pre-COVID 19 it was digital trust programs. We believe business resilience depends on cyber resilience. And cyber resilience is all about anticipating intrusions, being prepared and knowing what to do before, during and after a breach.
If you want to learn more about the top manufacturing threats and how to prevent them, read our white paper. To have a conversation about eliminating exploitable device and network vulnerabilities, contact us. Deloitte, Cybersecurity for Smart Factories, 2020.