Your Factory May Be Smarter, But Is It Less Secure?

A smart factory is a connected one but the same advances that allow you to check in on production remotely could allow others to tie into your plant.


Facebook Share Icon LinkedIn Share Icon Twitter Share Icon Share by EMail icon Print Icon

The top line results from the industrial cybersecurity survey were alarming: 61% of those surveyed had experienced a cybersecurity incident in the last year and of those, fully 75% had system outages, 43% of which lasted more than four days.

Those figures are from Trend Micro’s annual State of Industrial Cybersecurity survey. The online, anonymous survey held Nov. 2-Dec. 1, 2020 garnered responses from 500 companies hailing from the U.S. (200), Germany (150) and Japan (150).

The survey specifically queried manufacturing companies with 1000 or more employees, which makes the high rate of cybersecurity incidents more understandable. Most plastics processors would fall into the small-to-medium-sized business category that presumably would be less of a target for cyber criminals. Whatever size your business is, however, Trend Micro described the current situation the industry faces.

“While manufacturing companies around the world are implementing digital transformation to survive and continue to grow, cybersecurity threats have become a top concern.”

“Incidents” here are defined as things like a computer virus infection, an unauthorized operation that exploits system vulnerability or unauthorized access to the system. The first steps to evaluating a plant’s vulnerabilities are assessing asset visibility, identifying risks and setting goals.

Trend Micro considered both IT (information technology) and OT (operational technology), where the former is anything related to computer technology, including hardware and software, while the latter is hardware and software used to used to control, monitor, and track physical devices in a plant with things like SCADA or PLCs. While plant security would be best achieved by those separate functions working hand in glove, the survey found that IT and OT only collaborated in all phases 12% of the time.

Trend Micro said that beyond just having the right technology, whether it’s antivirus software or a robust firewall, manufacturers need organization and process measures. That said, the survey found that technology was the biggest challenge in each country, with overall awareness of the issue lower in the U.S. than Germany or Japan.

National regulations and industry guidelines for cybersecurity were the biggest influencers for getting companies to act on cyber security, along with a gentle push from others. In Japan, requests from business partners and customers (57%) were the top impetus along with regulation. In Germany, instructions from the management (55%) came in second place behind regulations, while in the U.S., instructions from the parent company (44%) came in at No. 2.

Defining a chief security officer (CSO) is an important first step down the path of cybersecurity, Trend Micro found. The U.S. has the highest rate of implementing organizational changes to support cybersecurity, including identifying a leader (60%) and dedicated cross-department committees (56%).

Three-Step Approach

Trend Micro lays out a three-step approach for cyber security, including prevention, detection and persistence. Prevention involves reducing threat intrusion risks at data exchange points like the network and DMZ (in computer security, Wikipedia defines a DMZ or demilitarized zone as “a physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted, usually larger, network such as the Internet.”) Trend Micro says these risks may come from IT and OT, USB storage used in a factory, laptops/outside machines brought into a factory by third parties at maintenance, and from an IoT gateway.

With detection, companies detect cyberattack activities in the OT environment understanding that 100% prevention does not exist. Anomaly network behaviors such as command and control (C&C) communication and multiple log-in failures should be detected as soon as possible to prevent massive damage.

In persistence, Trend Micro says companies should seek to secure the most critical environments on a shop floor, while minimizing the potential affected area. “On a shop floor, there are many critical assets which link directly to production and its control,” the report says.

As digitization and connectivity continue to expand apace in manufacturing so too must cyber security vigilance so that as an industry we arrive at a IIo[S]T—Industrial Internet of Secure Things.

industrial cybersecurity

How secure are your plant’s interactions with the broader digital world?