Securing smart factories is a relatively new priority for many manufacturers. Which is why many manufacturers often struggle with basic cybersecurity requirements while addressing larger security goals. The problem is compounded by lack of skills, policies, and employee sensitization in some instances. For smart factory projects to be successful, the outcomes need to be secured and security needs to be treated as one of the core pillars of the digital transformation effort.
Security challenges in upgrading to a smart factory:
- Lack of adequate visibility into operations
- Cybersecurity priorities are not considered as part of the core operational, risk, and quality control processes
- Risk, threat, and impact assessments are not as rigorous and frequent as those concerning safety
- Expansion of threat surface for every unit of digitization or addition of connected devices is not calculated or used for any calculation of risk augmentation
- Asset inventories are not maintained diligently
- State of assets and networks as far as patching and vulnerability assessments are concerned
- Investments in security are staggered and reactive
- Upskilling of security teams is often not a planned activity
- Data from security-related dashboards are often not considered for decision-making in areas such as resource and efficiency management
Thus while smart factories have made substantial gains through infusion of technology in non-security areas, security as an essential enabler of smart production is yet to receive its due. This trend is clearly reflected in the way digital factories have turned into vulnerable targets for hackers and bad actors. Hacker groups are consistently scanning and placing newer variants of malware and multi-loaders such as Bumblebee to exfiltrate data and extort ransom.
Why do hackers target smart factories?
- Smart factories are often at the cusp of innovation hosting multiple untested devices and assets as part of a proof of concept project.
- Inherently, IIoT projects are primed towards gathering data and enforcing control on various components.
- Absence of security by design
- Merger of secure data streams with unsecured data streams in the first few stages of a smart factory project. This creates new threat surfaces that hackers are able to easily detect and exploit
- Smart factories contain unique Intellectual Property applications that could be copied and sold to potential buyers
- Convergence of technologies creates vulnerable environments
How to secure smart factories
Even before you start on the journey to improve cybersecurity for your smart manufacturing plants, you need to answer these basic but important cybersecurity questions:
- What is the ideal security state for my business? While 0 breaches is one answer, try and tie in other KPIs to a broad base and contextualize your response so that you don’t miss out on any operational security imperative
- What security compliance mandates do we need to adhere to? Adoption of which standards can make a huge difference to our businesses in terms of operational efficiency and transparency, detection efficiency, business continuity etc?
- What are the current challenges that my security operations team is dealing with? Is the team facing SOC/detection fatigue?
- Do we have a good understanding of the threat envelope surrounding our operations?
- What kind of KPIs are we currently tracking and are they adequate?
- Are the current budgets sufficient?
- Do we have adequate manpower to manage all our security needs?
Answers to these questions will give you your first steps that need to be taken to secure your establishment.
Paying attention early has its benefits
Security should ideally begin at the blueprint/design stage. When the project is still on paper, IIoT security governance mechanisms, roles and responsibilities (of key personnel), and detection and defence solutions should be considered and finalized. We have often seen that the understanding and appreciation of the threat environment facing smart factories varies from team to team. So coordinating efforts to arrive at a consensus for a governance model is essential. (Building policies and frameworks like OT Cybersecurity Policy Template or IEC 62443, NIST Table of Roles & Responsibilities Template will go a long way in elevating your cybersecurity posture to the next level)
Ensuring maturity of response to breach attempts is another strategic priority. Breach detection solutions that integrate with the governance model and the SOC facility should be deployed while the governance and security model is being finalized. Since threat actors will not wait for everything to fall in place before attacking parts of the smart factory, it is important that detection and remediation solutions must be deployed to address these threats. Once the governance model is finalized, the solution can then be aligned to the outcomes expected of it as per the chosen model.
Also read: How to get started with OT security
Defense and response playbooks can go a long way in fashioning a well-etched and coherent first response to any signs of a cyberattack or a breach attempt. This playbook can define attack scenarios or even suggest basic cyber hygiene tactics that can be deployed to prevent breaches in the first place.
Here are a few other steps that can be taken to secure smart factories.
- Conduct a thorough threat assessment and breach impact audit to identify and plug security gaps
- Maintain a device and asset inventory to account for all assets including the patch and security status of each device
- Embrace NIST and IEC 62443 standards
- Cybersecurity training should be conducted once every 90-120 days. Employees should be made aware of ambient threats and the impact of these threats on operations and production commitments
- Conduct security audits every 90 days
- Pen test all device families
- Evaluate the security threats emerging from supply chains
- Deploy a decoy and deception solution to deflect and study complex attacks
- Develop and publish security governance policy
Thinking of where to start? Let our cybersecurity experts map your security journey: Schedule a time
Learn more about Sectrio’s security solutions for smart factories: Cybersecurity for Smart Factories and Manufacturing
Find out what threats are lurking in your smart infrastructure, go for a level 1 threat assessment now.