In a connected factory, manufacturers have access to a constant data stream from the shop floor, commercial operations and supply. The Internet of Things (IoT) generates a huge amount of data, gathered from machines and components, which can be accessed and analyzed remotely.
Though it brings a facility a number of advantages, connectivity also introduces vulnerability in terms of cyber-security. With information technology (IT) and operational technology (OT) more closely connected than ever, systems are more susceptible to attackers. The risk is increased by remote access or third-party access.
According to Dark Reading magazine, the second most cyber-attacked industry after healthcare is manufacturing. With high profile ransomware attacks such as WannaCry disrupting large companies such as Honda, manufacturers know they must be vigilant.
In the manufacturing industry, cyber-crime is usually a type of data theft, ransomware or data manipulation. Hackers can modify procedures to disrupt production processes, gain access to private patent data or cause system downtime, all of which can cause serious losses to a company.
Engineering businesses must ensure that their operations, data and valuable intellectual property (IP) are protected. Businesses need to understand the limitations of their own capabilities and systems to form a well-rounded cyber-security strategy.
For example, legacy equipment can be a target for cyber-criminals. Old equipment was not designed to be connected to the internet, which means that cyber security was not a priority during its design. Industrial control systems as well as programmable logic controllers (PLCs) have become targets as a result.
The first step to cyber security is to assess your digital footprint, understanding what data you collect and store. This means when updating or upgrading your system, the entire footprint must be considered, including any personal devices such as smartphones, tablets and laptops that are authorized to be in your network.
Equally, all employees must understand security policies, and they must be educated on how to protect themselves and their systems. Even something as simple as keeping a property access card or authentication key safe can be crucial to strong security. Should that key fall into the wrong hands, an inordinate amount of damage can be done.
Manufacturing businesses must take a proactive approach to cyber security. This includes having a firewall, but also involves network monitoring. By closely looking at activity in the network, any unusual activity can be marked as suspicious, helping you to identify risks more quickly.
Companies should also consider segmenting their networks, limiting access to the network unless necessary. The more connection points, the greater the risk, so a segmented network can limit the damage done in the case of a data breach. Network segmentation can really slow a hacker down – or even deter them from perpetrating an attack at all.
It’s not as simple as securing your home from burglary but securing your smart factory from cyber-criminals is just as important in keeping operations safe. No organization is ever fully immune to attacks. Being resilient begins with accepting the fact that someday your organization could fall victim, but now is the time to carefully crafting a plan for readiness, response, and recovery.
Jonathan Wilkins is the marketing director at obsolete industrial equipment supplier, EU Automation