Cybersecurity in manufacturing has several challenges that we need to consider and resolve if we are to make a significant impact on the security landscape. In many manufacturing facilities, two separate networks exist – Information Technology and Operational Technology.
Cybersecurity in manufacturing has several challenges that we need to consider and resolve if we are to make a significant impact on the security landscape. In many manufacturing facilities, two separate networks exist – Information Technology and Operational
IT and OT networks are becoming more intertwined. By this we mean that while once isolated OT networks and their related devices had minimal access from external sources, now in many cases are accessible from the internet for a variety of reasons including support.
This is an issue because many OT networks and devices are rarely if ever, updated/patched – security is an afterthought if a consideration at all. Patching is a big concern for a few reasons. As above, they don’t often get patches available because they are either custom systems or too difficult to patch. Manufacturing plants cannot be put offline for administrators or security engineers to resolve security concerns. These systems in many cases are 24/7 and going offline would cost too much money in lost production time and reduction in processing throughput.
As the two networks blur together, the problem will not go away anytime soon. This means we need to ensure due considerations are given to all access requests/approvals via any external source; minimise the attack surface as best we can; remove unnecessary traffic flow or access to the OT network from the IT network. This flow control and access control will make it harder for unauthorised access by any party to the OT network. It won’t stop it completely but it will help slow the lateral movement through your systems.
To resolve these issues long-term OT systems will need to be better designed with security and patching as part of the product design and development process. In the short term, it is important to do what we can to get back to security basics and secure your networks for in and outflow. We need to know what data is flowing both ways so that we can detect any anomalies quickly.
If we can’t see anything we will never know if our systems have been breached. So in short review, your systems, you need to know who has access and control all traffic flow. It is that simple. For the future manufacturers of OT, systems need to be more security conscious.
Construction Industry targeted by Cyber Criminals Cybercriminals are targeting construction companies to conduct business email compromise scams(BEC’s). All parties to construction projects should
Please fill in this form, and our sales team will get back to you as soon as possible.