Industry 4.0 manufacturing offers many efficiency benefits and growth opportunities for operations. However, with smart factories and machines that are connected to each other and the enterprise, isolating facilities to minimize the threat of cybersecurity breaches is not an option.
This is the number one challenge of cybersecurity—balancing the competitive pressures driving the industry towards more connectivity and reducing the risks that exposing your business can pose. But during a presentation at PACK EXPO in Chicago, IL last month, Anthony Baker, cybersecurity portfolio manager for Rockwell Automation, talked about how manufacturing operations should be including cybersecurity as part of the conversation and execution of business strategies.
Part of the cybersecurity approach manufacturers should be taking is a holistic one, not just putting up a firewall or some other piece of technology, Baker said.
“A lot of consideration has to go into building a program that understands the various ways cyber threats impact us,” he said. “It’s not just a firewall breach. It’s not just malware. There are many potential implications that cybersecurity brings to manufacturing operations.”
Many manufacturers put all the cybersecurity responsibilities on the IT department. The problem with this approach, according to Baker, is that many of the risks posed to a facility come from insiders accidentally compromising a system, such as by opening a phishing e-mail.
“Organizations are realizing humans are the weakest link,” Baker said. “They make bad decisions, but they’re not always malicious in intent. Even vendors and suppliers, they may not be knowingly trying to infect you, but they bring their laptops and USB drives on your facility. And those devices are only as clean as the last system they touched, probably the WiFi from the hotel or coffee shop that they just used.”
The evolving cybersecurity risks
The cybersecurity threat landscape has evolved in the last decade. The purpose of the attacks has moved from targeting personal identification information, such as credit cards and Social Security numbers, to more ideological malware campaigns driven by nation states, such as Korea’s attack on Sony Pictures because of the studio’s film The Interview.
Now, the more contemporary ransomware attacks, such as WannaCry, target global manufacturers, some of which have yet to recover from attacks that occurred more than a year ago.
“A shipping container company that was impacted lost more than $300 million, which is basically one quarter’s worth of revenue,” said Baker. “You started to see significant financial impact immediately due to WannaCry. And the worst part about the ransomware is we see companies continue to be affected well after it’s been known and patched. So, it appears to be negligence impacting these companies.”
Many manufacturing plants are vulnerable because they might use legacy systems and can’t simply rip and replace them with brand-new, more secure systems. Operations might have insecure protocols that lack proper IT support. Plus, because the industry has a broad range of suppliers, finding a singular solution to cybersecurity risks is not realistic.
“We have to expand how we view security and realize that it’s got to be more than one person,” said Baker. “It has to be pervasive. It has to be part of organizational culture to bring this to reality.”
Baker suggested companies have a cybersecurity attack plan that covers what to do before, during and after an attack. Part of this plan should be putting employees through email training, having strict USB use policies, setting up a firewall, keeping a detailed inventory of critical assets and creating a response plan if something happens.