Cyber security in manufacturing demands robust systems

Manufacturing isn’t the obvious industry you’d expect to be targeted by cyber criminals, but as a sector heavily reliant on Operational Technology (OT) it does make it vulnerable to ransomware attacks. The digital revolution that has paved the way for new infrastructure underpinning modern manufacturing processes has led to remarkable efficiency gains. However, as with every innovation, there are risks attached.

Malicious software can infiltrate OT and as a result threaten manufacturers’ production lines right across the supply chain. High-level cyber attacks that go to the heart of companies’ online systems not only disrupt production but can also compromise customer data and trust.

In the stand against cyber crime, asset inventory and vulnerability management are a good place to begin. We appreciate it can take time and resource to retrofit traditional IT in an OT environment but it’s important that every available technology is used to thwart cyber crime. No one is too big or too small to come to the attention of cyber attackers. And it’s not just about the moral decision to pay a ransom or not, there’s production stoppages, theft of intellectual property and damage to the company’s reputation all to consider.

A proper Defence in Depth (DiD) strategy adapted to the OT environment should be on every Boardroom agenda, and a good first step is to identify what assets you have in place.

A physical vulnerability management check can be time-consuming as it requires information about the vulnerabilities of various devices, from different sources and suppliers, as well as knowledge about how those devices will be impacted.

Here at the NEBRC we are here to help. Dedicated tools for OT now exist making the process more automated, with data collection on plant’s devices and their vulnerabilities in an asset inventory - all automatically updated in real time. Based on an inventory of vulnerabilities, combined with an understanding of the production process, OT engineers and security professionals can better prioritise cyber security measures.

For further information on cyber security and strategies for your business, contact our team today.