Improvements through Digitization
How do manufacturers reduce costs and cycle times while increasing productivity, yields and market share? Through digitization. Digitization means greater connectivity and data. As more and more devices are connected to networks, silos are removed and data from each device can be transformed into a treasure chest of valuable information.
Discrete manufacturers transform raw components into finished product that needs to be produced at the highest quality with minimal variation and on-target specifications. To do so, they rely upon data from networked components at each step of the production process. In a manufacturing environment, production lines are often run at maximum capacity, and downtime may cost hundreds of thousands or even millions of dollars per hour. When out-of-spec products are not caught in time, it can lead to costly product recalls, a degradation in brand reputation or even litigation.
Furthermore, the typical manufacturing plant contains countless dangers to human life and safety, with light curtains, motion detectors, sensors and other technologies helping ensure that everyone gets home at the end of the day. What if any of these fail-safes have been compromised? Can we trust them if they are responding inappropriately to data or responding to false data? How do we know they could be in an unreliable state?
Increased Connectivity, Increased Profitability and Increased Risk
Vital automation components that have long operated independently now often proactively share real-time data, communicating in line to allow finer control of processes. The continuing evolution of the Industrial Internet of Things (IIoT) promises even greater connectivity, utilization and value for connected devices and shared data.
With connectivity, however, comes new concerns. Isolated for years, these control networks are now potentially linked to the outside world. This opens up the plant to a host of potential cyber-related incidents, malicious and accidental alike. Many of these threats are new territory for OT personnel, including ransomware, malware, employee cyber sabotage, network failure, user error and more.
Cybersecurity Threats: Malicious and Accidental
Cybersecurity incidents are not only perpetrated by malicious actors, such as hackers and malware developers. A cyber event is considered anything that negatively impacts the network and impedes the ability to view, monitor, control or maintain the availability of an industrial process. This includes:
- Hacking attacks such as denial of service, malicious mischief or corporate espionage
- Malware attacks such as ransomware and viruses
- Innocent human error by otherwise valued employees
- Disgruntled employees who can wreak havoc from inside the network
- Quietly failing equipment and components that can slow processes or produce operational issues like off-spec conditions
Two Cybersecurity Actions to Start Now
As the benefits of connectivity increase, the threat of cyber incidents increases in tandem. Operations personnel must begin tapping into available cybersecurity techniques and technologies, many long familiar to IT, in order to protect their OT production environments. Two fundamental actions you can start now include:
- Cybersecurity Best Practices
Separating the OT and IT networks with firewalls and disabling connectivity between industrial production devices and the global Internet
- Ongoing Asset and Network Visibility
Establishing and continually maintaining insight into network operations in real time, inclusive of maintaining an accurate asset inventory
Asset visibility is not just about security; it can also be integral to process stability and optimizing quality and yields.
In the next entry in this blog series, we will dive deeper into other guidance to help reduce the risk of a cyber event negatively impacting safety, quality and productivity of your manufacturing operation.
Gary DiFazio is the Strategic Marketing Director for Industry Cybersecurity at Tripwire. He has been in the technology space for over 26 years, spanning experience with systems, applications, networking, and cybersecurity through a number of industry verticals including telecommunications, manufacturing, retail, federal government, financial services, electric utilities, and logistics/distribution. Gary comes to the Belden family through the acquisition of Tripwire. After Belden acquired Tripwire in January 2015, Gary was part of the team to help drive Industrial cybersecurity solutions to both Tripwire customers and Belden Industrial Networking customers. Gary holds a bachelor of science in Industrial Engineering from Clemson University.