Phrases like Industry 4.0 and Smart Factory have become commonplace, and they suggest an image of a high-tech production environment. Everything seems state of the art, brand new, and shiny. However, with few exceptions, this vision does not correspond to reality.
Investments in production facilities only pay off after many years
It’s undeniable that production plants and systems are expensive. Their integration into the overall production context involves significant effort. Therefore, it is only logical that such facilities often operate for many years, if not decades.
But this is where the problem lies. From a cybersecurity perspective, older production plants and systems are simply not designed for use in a networked environment. At least not for the level of networking we see today.
This fact forms the background for a discussion recently held with Hervé Constant (GRTgaz), Marc Coutelan (Nozomi), and Bernard Montel (Tenable) at the Forum International de la Cybersécurité in Lille, France.
What is valuable also deserves to be protected accordingly
The experts quickly agreed that cybersecurity is essential, and the production systems must keep running. However, beyond this truism, one encounters the harsh reality of operation: Production and OT (Operational Technology) systems in areas such as logistics, facility and building technology, and many other applications are far less protected today than IT systems.
In particular, older systems have many vulnerabilities that even moderately skilled attackers can exploit. Thanks to services such as Hacking as a Service (HaaS), artificial intelligence tools like ChatGPT, and others, even completely unskilled attackers have a good chance of conducting successful attacks today.
Network segmentation is in many cases completely out of touch with reality
Network segmentation is a widespread approach to protecting against such attacks, but it often fails in practice. IT/OT convergence has long been a reality, and from a production perspective, this is a good thing, because connecting information technology (e.g., from development) with operational technology (e.g., plant control) increases transparency and enables data-driven decisions.
Yet in practice, IT/OT convergence is rarely planned, is often misunderstood, and is even more often incorrectly implemented. This leads to more exposed vulnerabilities and increased cyber risks.
For all companies wanting to solve this problem for their production, it is advisable to deal intensively with firewalls and intrusion detection/prevention systems (IDS/IPS). This appears to be a pragmatic approach.
However, manufacturing companies need to do more. They need to pursue a systematic approach to cybersecurity that encompasses both preventive and response measures. This means that they have to regularly check their systems for vulnerabilities and fix these before they can be exploited.
Furthermore, they need to invest in training to raise awareness of cybersecurity issues and ensure their employees know how to detect and respond to attacks.
IDS is to the network what the burglar alarm system is to a house
Finally, it’s important that manufacturing companies invest in technologies that help them detect and respond to attacks in real time. This can range from simple IDS/IPS to more advanced technologies such as artificial intelligence and machine learning that are capable of detecting and reporting anomalies before they lead to serious security breaches.
In today’s networked production environment, cybersecurity is not a disruptor, but a necessary and important component. It’s time for companies to realize this and act accordingly.