Securing Operational Technology Systems in Manufacturing
Manufacturers in the United States account for 10.94% of the total output and employ 8.58% of the workforce according to the National Association of Manufacturers. Due to automation, the size of our manufacturing workforce has decreased over recent decades but manufacturing’s contribution to gross domestic product (GDP) continues to increase year over year. This continued growth is largely fueled by computers, aerospace, pharmaceuticals, and medical device sectors.
While much of the world still relies on certain segments of US manufacturing, many manufacturers rely on securing complicated networks of computer-controlled production machines and software in order to defend their business from attack. Attacks can originate from outside the business such as in the case of Visser Precision, a space and defense manufacturer, which experienced an attack involving DoppelPaymer ransomware, which encrypts and exfiltrates data. Or attacks can also originate from within the org chart such as in the case of Gary Min, a research chemist with DuPont who pleaded guilty to misappropriating DuPont’s intellectual property. Following Min’s resignation from the company, DuPont discovered that he had downloaded approximately 22,000 abstracts from the company’s electronic data library, and had accessed 16,706 documents.
Whether defending against external attacks or insider attacks, manufacturers often are often tasked with securing disparate systems from various vendors. Common IT systems and services utilized by manufacturers include:
Manufacturing Execution Systems (MES): These systems provide manufacturers with real-time visibility into their production processes, allowing them to improve efficiency, reduce costs, and increase quality.
Industrial Internet of Things (IIoT): By connecting equipment and machines to the internet, manufacturers can collect and analyze large amounts of data, which can help them optimize their production processes, improve equipment maintenance, and increase uptime.
Computer-Aided Design and Manufacturing (CAD/CAM): These systems allow manufacturers to design and simulate products and processes before they are built, which can help them reduce errors, improve quality, and speed up product development.
Enterprise Resource Planning (ERP): An ERP system allows manufacturers to integrate and manage all aspects of their business, including accounting, logistics, inventory, and customer relationship management. It can help them streamline their operations and make better-informed business decisions.
Product Lifecycle Management (PLM): PLM systems allow manufacturers to manage the entire lifecycle of a product, from design to retirement. This can help manufacturers improve product quality, reduce development time and costs, and manage product data more effectively.
Overall, these IT services can help manufacturers become more efficient, improve product quality, reduce costs, and make better-informed business decisions, that can ultimately help them compete better in their industry. But they can also leave the business at risk if not properly secured.
As more and more manufacturing operations become connected and dependent on IT systems, it’s important for manufacturers to also invest in cybersecurity measures to protect their systems from cyber threats. This includes not only protecting their IT systems but also Operational Technology (OT) systems that control the physical machinery and devices. Manufacturers working with a qualified security vendor can take several steps to secure their OT systems:
Segmentation: By segmenting the OT network from the IT network, manufacturers can help prevent unauthorized access and reduce the risk of a cyber attack spreading from the IT network to the OT network.
Network monitoring: By monitoring the OT network for unusual activity, manufacturers can detect and respond to cyber threats in a timely manner.
Patch management: Manufacturers should regularly apply vendor-supplied security patches to all OT devices and systems to protect against known vulnerabilities.
Access control: Only authorized personnel should be allowed to access and make changes to the OT network. This can be achieved by implementing proper authentication and access controls such as role-based access control (RBAC)
Endpoint protection: Deploy endpoint protection software, such as antivirus and anti-malware, on all devices connected to the OT network. This will help protect against malware and other malicious software.
Incident response plan: Establish an incident response plan for dealing with cyber threats and practice it regularly. This includes identifying the responsible personnel, communication channels, procedures, and incident severity level, etc.
Vendor assessment: Manufacturers should be aware of the security posture of their vendors and ensure they meet security standards to protect against cyber threats that could be originated from the vendor side.
Training: It is important to provide regular cybersecurity training to all employees, including those working in the OT environment, to help them identify and prevent cyber threats.
Overall, securing IT and OT systems requires a multi-layered approach that includes implementing security best practices, monitoring for unusual activity, applying security patches, and having an incident response plan in place. Manufacturers should also regularly evaluate and update their security measures to keep pace with the evolving cybersecurity threat landscape.