Manufacturers struggle to close security gaps as they undergo digital transformation
While rapid technology advances have improved manufacturing operations in recent years, combining new and legacy operational technology (OT) has created security gaps that many manufacturers are just beginning to close, according to a new research report published by Information Services Group (ISG).
The 2021 ISG Provider Lens Manufacturing Industry Services Global report finds the complex mix of legacy OT and newer, connected technologies such as industrial IoT and machine learning has forced manufacturers to add security extensions for protection against cyberattacks.
ISG Smart Manufacturing partner Christian Decker says, “Manufacturers face a growing need for security tools to ensure seamless operations and defend themselves against attacks that can cause downtime, financial loss and reputational damage."
Decker says, "More companies in heavy industry are beginning to recognise these threats and authorise funding for OT security throughout their facilities.”
Utilities, healthcare companies and some manufacturing firms have been the most aggressive about adopting defences against cybersecurity threats, the report states.
A growing number of advanced tools for launching cyber-physical attacks against industrial infrastructure are freely available online. However, automotive and some other heavy industries have not yet implemented OT security and as a result have fallen victim to cyber attacks.
According to the report, proactive enterprises are seeking OT security solutions that can be scaled up and applied to on-premises assets, including specialised infrastructure such as fuel sensor networks in oil refineries. In addition, they are also seeking solutions that can manage and secure all device types via an open platform, ISG says.
These include both detection and derailment of threats and decoy and deception features to prevent intrusions in the first place. New deception technologies can first disrupt attackers’ attempts to probe the network and then feed false information to them.
Many organisations are outgrowing point solutions and graduating to OT security systems that provide unified visibility across all assets, according to ISG. This is quickly becoming imperative for organisations that have begun introducing digitisation, AI and cloud-based infrastructure.
The most effective unified security systems encompass all OT and IT elements, including IoT, industrial IoT, mobile and wireless devices. The next phase of OT security will be adopting stable cloud infrastructures for storing big data from both a manufacturer and its customers, ISG predicts.
By combining these in a data lake, companies will be able to apply machine-learning algorithms to gain additional insights and recommendations.
Mobility industries, especially automotive, are also facing security threats against vehicles, the report says. For example, experiments have shown manipulating the geolocation systems of connected cars could allow attackers to take control of steering and speed.
OEMs and suppliers are integrating products from emerging automotive security vendors to defend against potential attacks and comply with increasingly strict regulations.