It’s time to get smarter about cybersecurity in the manufacturing sector
Article by Leon Poggioli, ANZ Regional Director at Claroty In the last decade, digital transformation has completely changed the way many of Australia’s industries operate, with the manufacturing sector being no exception. Advancements such as automation and the integration of IoT devices and other cyber-physical systems throughout production, packaging, and other essential operations have revolutionised the manufacturing process. While these advancements have brought exceptional benefits, they have also led to a significant increase in cybersecurity risks. Whether it’s ransomware infections halting assembly lines, rogue insiders remotely altering settings to compromise production or other types of attacks that exploit security weaknesses in cyber-physical systems (CPS), the rate of cyber-attacks has continued to increase as the industry becomes more and more connected. The ultimate goal of a manufacturing cybersecurity strategy is to protect the CPS on which production availability, integrity, and safety rely. To achieve this, manufacturers must look beyond traditional IT security tools, which are often inadequate at protecting complex environments with a mix of legacy operational technology and modern IT. The key challenges in manufacturing cybersecurity The prevalence of legacy systems Much of the technology that manufacturers rely on today is decades old. It was never designed to be connected to the internet, nor withstand any form of cyber-attack – as this simply wasn’t a risk when it was introduced. As a result, patching security vulnerabilities in this technology is a complex and time-consuming task, which often requires operational downtime. And, because manufacturers’ profits have always been tied to uptime, many companies don’t bother patching at all. After all, downtime hinders productivity, and productivity underpins profitability. As a result, even some of the most successful manufacturers in the world are operating with unpatched legacy systems laden with vulnerabilities that threat actors have their eyes on. The use of proprietary protocols Legacy […]