Manufacturing has witnessed a staggering 107 percent surge in cyberattacks since 2021. Cybercriminals are increasingly outsmarting multi-factor authentication (MFA) security measures through phishing emails or malware threats. The jump in cyberattacks has been a wake-up call to security leaders across the industrial sector, highlighting the urgent need for manufacturers to implement a Zero Trust architecture to help protect their IT and operational technology (OT) systems from MFA bypass attacks.
Access to functional systems, spanning from networks to controllers, is commonly provided through implicit trust. However, malicious entities can exploit this excessive trust to infiltrate networks, frequently capitalizing on stolen credentials. A Zero Trust framework requires that all access to applications and data is verified, regardless of the user's location or device.
Although the benefits of Zero Trust architecture have been widely reported, data shows that only 49 percent of organizations have implemented segmentation or micro-segmentation to protect business-critical systems, even though it is a core component of Zero Trust and a practice encouraged by many government policies.
Zero Trust is effective for improving cybersecurity against MFA attacks and OT breaches by assuming no implicit trust and by strengthening perimeters around business-critical assets. Despite this, Zero Trust still has largely untapped potential for mitigating cyberattacks, as it requires:
- Segmentation. This divides the network into smaller, more isolated segments, making it more difficult for attackers to move laterally within the network.
- Micro-segmentation. Zero Trust micro-segmentation can then further guard business-critical assets, using firewalls, highly granular access and identity policies, and other steps.
- Least privilege access. This ensures that users only have the permissions they need to perform their job duties, reducing the risk of unauthorized access.
- Continuous monitoring. This tracks all activity across the network and devices, making it easier to detect and respond to attacks.
The Steps to Building a Zero Trust Architecture
Implementing and enforcing Zero Trust is not only a recommended strategy, but an increasingly mandated one. In fact, the Biden administration's May 2021 executive order on improving the nation’s cybersecurity calls for government agencies to adopt a Zero Trust approach in their cybersecurity models. Below are five practical steps for manufacturers to implement Zero Trust.
- Define your protect surfaces. Protect surfaces encompass the data, physical assets, network applications and other crucial assets that an organization wants to deliberately protect. It’s essential to identify assets within the organization’s environment that require protection, and once determined, organizations must prioritize the security of these assets.
- Map the transaction flows. This task encompasses a comprehensive assessment of the various pathways through which different users gain entry to these assets. Simultaneously, it involves analyzing the interplay between each protective stratum and all other interconnected systems within your operational framework.
- Architect a Zero Trust environment. A Zero Trust setup involves different cybersecurity rules working together to fully safeguard an organization. It's not just a set of security tools – it all begins with creating clear divisions and strict firewall rules. These rules are then adapted in many ways based on factors like who's asking for access, the device they're using, how they're connected to the network, the time of day, and more. This step-by-step process builds a strong protective boundary around each secure area.
- Create a Zero Trust policy. In this phase, you're crafting the guidelines that govern actions and expectations tied to access controls and firewall regulations. These policies should not be limited to your organization's intranet. Organizations should also consider implementing educational initiatives to instill strong security habits in employees, vendors and consultants. Regular cyber awareness training has become a mainstream necessity, playing a crucial role in minimizing potential risks.
- Monitor and maintain the network. Organizations can't implement a Zero Trust architecture and forget about it. Organizations must continue to verify that Zero Trust policies are in place and are working the way they are intended, identify areas for improvement and adjust as necessary.
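As an added illustration of steps 3 to 5 (not code from the article or from any product), the sketch below evaluates a default-deny micro-segmentation policy using the factors named above: who is asking, the device, how they are connected and the time of day. The protect-surface names, roles, networks and rules are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import time

@dataclass(frozen=True)
class Request:
    user_role: str        # who is asking
    device_managed: bool  # device posture
    network: str          # how they are connected
    at: time              # time of day
    surface: str          # protect surface being accessed
    action: str           # "read" or "write"

@dataclass(frozen=True)
class Rule:
    surface: str
    roles: tuple
    networks: tuple
    actions: tuple
    start: time           # same-day window; windows crossing midnight not handled
    end: time
    require_managed: bool = True

    def allows(self, r: Request) -> bool:
        return (r.surface == self.surface
                and r.user_role in self.roles
                and r.network in self.networks
                and r.action in self.actions
                and self.start <= r.at <= self.end
                and (r.device_managed or not self.require_managed))

# Constructed sample policy: least privilege per protect surface.
ALL_DAY = (time(0, 0), time(23, 59, 59))
POLICY = [
    Rule("plc-line-1", ("controls-engineer",), ("plant-lan",),
         ("read", "write"), time(6, 0), time(18, 0)),
    Rule("plc-line-1", ("controls-engineer", "operator"),
         ("plant-lan", "vpn"), ("read",), *ALL_DAY),
    Rule("historian", ("analyst", "controls-engineer"),
         ("plant-lan", "vpn"), ("read",), *ALL_DAY),
]
AUDIT_LOG = []  # every decision is recorded for continuous monitoring

def evaluate(r: Request, policy=POLICY) -> str:
    # Default deny: access is granted only if some rule explicitly matches.
    decision = "allow" if any(rule.allows(r) for rule in policy) else "deny"
    AUDIT_LOG.append((decision, r))
    return decision
```

Because every factor must match, a valid login presented from an unmanaged device or an unexpected network path is still denied, and the denial is logged for review.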
A Zero Trust framework helps manufacturers to proactively secure operations and critical assets against the rising tide of cyberattacks, including MFA bypass techniques. By minimizing attack surfaces, detecting threats early, and limiting the impact of breaches, a Zero Trust approach enables operational continuity and fosters a resilient environment.
Tony Baker has been Chief Product Safety & Security Officer at Rockwell Automation since October 2020. In this role, Tony is responsible for leading the product safety and security strategy for the company, for building trust in our brand, for ensuring the safety and security of the products, services, and solutions that we bring to market, and for managing their associated risks.