Manufacturing is now the #1 most attacked industry.1 The threats are real, and unsecured devices and networks, lack of cyber awareness, and supply chain attacks only heighten the risk. These threats cannot be addressed with technology alone; building a strong policy base and cyber culture is critical.
In a recent roundtable discussion, Connection’s Manufacturing Practice, Professional Services experts, and Cisco all met to discuss imminent threats, cybersecurity program strategies, and technology that sheds light on today’s challenges and the direction manufacturing customers should be prepared to take. Below is a summary of that discussion, including the critical issues in manufacturing cybersecurity today and the strategies to best address them.
Host: James Hilliard
Ryan Spurr, Connection Manufacturing Strategy Director
Rob Di Girolamo, Connection Practice Manager for Security and Network Solutions Center
Prithvi Manduva, Cisco Industrial IoT Technical Solutions Architect
To listen to the recording, register here.
Manufacturing: The Most Attacked Industry
Manufacturing has emerged as the top target for cyberattacks, with threats that are real and pervasive. In recent years, the manufacturing sector has experienced a significant shift in its vulnerability to cyber threats. Approximately 24–25% of all cyber incidents now target manufacturing, making it the most attacked industry globally.2
The reasons behind this heightened threat level include attackers increasingly focusing on manufacturing operations, with a 2,200% increase in surveillance in operational technology noted last year.3 These attacks result in 61% of successful breaches now occurring in operational environments, signifying a significant shift from previous years.3
The implications of cyberattacks on manufacturing are far reaching. Beyond compromising intellectual property, they can lead to downtime, financial losses, damage to a company’s reputation, and even impact stock prices—as recent Security and Exchange Commission (SEC) rules have demonstrated.
Top Manufacturing Security Challenges
The rate at which the manufacturing industry is experiencing increasing security risks is due to several challenges, including:
Lack of Visibility
Gaining visibility into the numerous devices and systems on the operational technology (OT) floor is a significant challenge. Different vendors and technologies create individual silos, making it difficult to monitor and secure the entire network. This is especially important when factoring in human error that occurs on the manufacturing floor. Changes made by vendors or personnel on the plant floor can often go unnoticed, creating a potential security risk. Implementing control mechanisms and detailed logs for changes is essential to track and maintain control.
Knowing what’s happening is crucial for securing systems. One tool that can provide visibility into OT is Cisco’s Cybervision, which helps teams understand their environment and develop security policies.
IT and OT Convergence
The convergence of IT and OT introduces a host of new challenges and demands a fundamental shift in the way organizations approach security. Manufacturers must consider the following:
Infrastructure: Simplify and secure the infrastructure connecting IT and OT environments, implementing segmented networks to minimize risk and impact.
Security as a Layered Approach: Address cybersecurity not just as an endpoint protection issue but as a layered approach to secure the entire network.
Collaboration and Coordination: Emphasize collaboration and coordination between IT and OT teams, ensuring that both domains work together to enhance security.
Many manufacturing systems and devices have been in operation for years, with no security measures in place. These legacy devices pose a significant security risk on the manufacturing floor for several reasons.
Firstly, these systems often lack the essential security features and updates that modern systems incorporate. Many legacy devices have been in operation for years—and over time, security vulnerabilities have emerged. Manufacturers might be unable to obtain patches or updates from vendors, as support may have been discontinued or the vendor may have even gone out of business. This leaves these systems vulnerable to exploitation by cybercriminals who can target their known weaknesses.
Additionally, legacy systems may not meet current security standards or compliance requirements. As cybersecurity threats evolve and regulations become more stringent, legacy systems can’t keep up. They may lack encryption, access controls, and other security features necessary to protect sensitive data and manufacturing processes, putting the organization at risk of non-compliance.
70% of ransomware attacks occur on the manufacturing floor, and that number has been growing.4 Ransomware attacks can encrypt critical data, control systems, or entire networks, effectively holding an organization hostage until a ransom is paid. This can result in production downtime, missed deadlines, and compromised product quality.
Implementing a zero-trust architecture can greatly enhance security in manufacturing by adopting a “never trust, always verify” approach. Zero trust assumes that no user or system, whether inside or outside the network, should be trusted by default. It verifies the identity and security posture of every user and device attempting to access resources within the manufacturing environment. This strategy prevents lateral movement within the network, limiting the spread of ransomware or any other cyber threats.
Supply Chain Risks
Relying on external vendors and suppliers introduces supply chain risks, requiring organizations to ensure that they can trust their partners and suppliers. Manufacturers often rely on a complex network of external vendors and suppliers to provide various components, materials, and technologies. This reliance introduces vulnerabilities at multiple touchpoints along the supply chain. If a supplier or vendor experiences a cybersecurity breach, it can have a cascading effect on the manufacturing process.
Malicious actors may seek to compromise a manufacturer’s supply chain to infiltrate their systems. This could involve tactics like planting malware in a supplier’s systems, exploiting vulnerabilities during product shipments, or even conducting insider attacks within a supplier’s organization. These malicious activities can bypass traditional security measures within the manufacturing facility and pose a significant risk to the organization’s security and operations.
Supply chain risks have become more prominent, and it’s crucial to vet and set security standards for vendors and partners. Manufacturers must prioritize robust cybersecurity measures across their entire supply chain to mitigate these risks and ensure the integrity and security of their products and processes.
As manufacturing integrates OT and IT, the resulting complexity can overwhelm teams and hinder productivity. As a result of such increasing complexity in manufacturing environments, the desire for simplicity is growing.
Beyond tools such as Cisco’s Cybervision to reduce complexity by providing visibility into OT environments, extended detection and response (XDR) is another advanced security concept that helps manage and secure complex environments like manufacturing floors. It does so by segregating and containing threats to prevent them from spreading across networks.
Lack of Skilled Cybersecurity Professionals
The shortage of skilled cybersecurity practitioners is a significant concern for the manufacturing sector. Upskilling the existing workforce and leveraging automation and artificial intelligence can help bridge this gap.
Providing adequate cybersecurity training to OT personnel is also crucial. Phishing awareness and security education tailored to the manufacturing environment are essential to prevent human errors that could lead to breaches.
Gaining Buy-in from Leadership
Cybersecurity is the responsibility of everyone in an organization. Building a culture of security and awareness is essential. Executives, IT, and OT professionals must work together to enhance security measures. To convince executives to focus on cybersecurity, IT teams should emphasize the impact of disruptions on production and reputation, as well as regulatory compliance.
Cybersecurity Challenges and Solutions for Modern Manufacturers
The manufacturing sector faces an unprecedented wave of cyber threats, making it the primary target for malicious actors. These attacks result in substantial financial losses, downtime, and reputation damage. The increase in cyberattacks can be attributed to a number of factors, including a lack of visibility into the numerous devices and systems on the manufacturing floor, a need for better collaboration between IT and OT teams, and unsecure legacy systems—to name a few.
To thrive in this challenging environment, manufacturers must cultivate a security-focused culture that involves all levels of the organization, from executives to IT and OT professionals. Investing in cybersecurity is not just an option but a necessity to mitigate risks and ensure the resilience of manufacturing operations in an ever-evolving digital landscape.
1 IBM, 2023, 2023 X-Force Threat Intelligence Index
2 Statista, 2022, Distribution of cyber attacks across worldwide industries in 2022
3 IBM, 2022, 2022 X-Force Threat Intelligence Index
4 Industrial Cyber, 2023, Ransomware activity in industrial environments almost doubles, with over 70% focused on manufacturing sector
If your business is interested in learning more about manufacturing security solutions, visit www.connection.com/manufacturing or www.connection.com/cybersecurity for additional resources to help you get started.