Modern manufacturing ecosystems bring together a complex mix of technologies that range
from legacy industrial systems to cutting-edge enterprise IT systems, smart sensors, robotics,
and Industrial Internet of Things (IIoT). This makes the modern manufacturing ecosystem
vulnerable in a way it never has been before, creating a key concern of cybersecurity in manufacturing.
In today’s threat landscape, perimeter security controls and legacy air-gapped design provide limited protection to this vulnerable infrastructure. The idea that a coordinated and full-fledged cyber-attack causing widespread damages to a manufacturing company is no more far-fetched. In 2020, one of the largest
vehicle manufacturers in the world, Honda experienced a cyber-attack causing production
issues outside of its headquarters. Bombardier suffered a data breach as recently as February 2021. The cybersecurity threat that the manufacturing industry faces is real.
How real is the cyber threat to manufacturing?
With an increase in ransomware attacks of 156% in 2020, manufacturing is one of the most
attacked industries. It is becoming increasingly evident that a successful cyber-attack can be
crippling to any manufacturing company. With the covid-19 pandemic forcing process control
systems operations, supply chain monitoring, and quality testing operations to go remote, the
possibility for a cyber seems highly likely. As it is a matter of when not if, cyber-attack may
prove financially devastating, if production is disrupted. A report estimates that an hour of
shop-floor downtime could be as much as USD 300,000 for many companies. In addition to
operational disruption or failure and financial losses, there may be other consequences like
physical damage, environmental harm, and injury or loss of life.
The reason for the increase in cyber-attacks
Manufacturing industries are embracing digital transformation or smart manufacturing at
an accelerated pace. The recent coronavirus pandemic has also been one of the reasons for this
increased pace of adoption. Data produced from the adoption of smart manufacturing on the
factory floor can be extremely useful in achieving improved efficiency. It may help to share
information up and down the supply chain in real-time, perform predictive maintenance, gain
visibility into bottlenecks, machine performance, and other operational inefficiencies. It is no
wonder why manufacturing companies have accelerated the adoption of smart manufacturing.
The benefits of smart manufacturing are manifolds from significantly enhanced operational
efficiency resulting in competitiveness, cost savings, maximized profitability through improved
output quality. With benefits, also comes challenges when the legacy manufacturing systems
are integrated with modern intelligent systems.
Taking effective steps to protecting your manufacturing plant
To protect the entire ecosystem from a cyberattack, the leadership teams need to
understand the current cybersecurity posture of the manufacturing plant. This can be achieved
by measuring the inherent cybersecurity risks in the overall system and evaluating the levels of
the risk in business terms. With a clear picture of the overall extent of the threats, vulnerabilities, and the likelihood of an attack, effective mitigation measures can be applied proportionately to
the risk. Security controls based on IEC 62443 and NIST 800-82, that are suitable for industrial
control system environments, must be used to mitigate risk and achieve resilience. Situational
awareness must be established by using appropriate tests to understand the effectiveness of
protection from the mitigation efforts.
Given the sophistication of cyberattacks seen in the industrial control system environments,
security is not just an option anymore, it needs to be treated as an enabler to the success of
each business. A cyber-secure and resilient manufacturing infrastructure will become the key to
achieving speed-to-market, the competitiveness of the business, operational continuity, efficiency
and safety.