Connectivity & Cyber Risk: Protect Your Smart Factory

Improvements through Digitization

Discrete manufacturers transform raw components into finished product that needs to be produced at the highest quality with minimal variation and on-target specifications. To do so, they rely upon data from networked components at each step of the production process. In a manufacturing environment, production lines are often run at maximum capacity, and downtime may cost hundreds of thousands or even millions of dollars per hour. When out-of-spec products are not caught in time, it can lead to costly product recalls, a degradation in brand reputation or even litigation.

Furthermore, the typical manufacturing plant contains countless dangers to human life and safety, with light curtains, motion detectors, sensors and other technologies helping ensure that everyone gets home at the end of the day. What if any of these fail-safes have been compromised? Can we trust them if they are responding inappropriately to data or responding to false data? How do we know they could be in an unreliable state?

Increased Connectivity, Increased Profitability and Increased Risk

Vital automation components that have long operated independently now often proactively share real-time data, communicating in line to allow finer control of processes. The continuing evolution of the Industrial Internet of Things (IIoT) promises even greater connectivity, utilization and value for connected devices and shared data.

With connectivity, however, comes new concerns. Isolated for years, these control networks are now potentially linked to the outside world. This opens up the plant to a host of potential cyber-related incidents, malicious and accidental alike. Many of these threats are new territory for OT personnel, including ransomware, malware, employee cyber sabotage, network failure, user error and more.

Cybersecurity Threats: Malicious and Accidental

Cybersecurity incidents are not only perpetrated by malicious actors, such as hackers and malware developers. A cyber event is considered anything that negatively impacts the network and impedes the ability to view, monitor, control or maintain the availability of an industrial process. This includes:

• Hacking attacks such as denial of service, malicious mischief or corporate espionage
• Malware attacks such as ransomware & viruses
• Innocent human error by otherwise valued employees
• Disgruntled employees who can wreak havoc from inside the network
• Quietly failing equipment & components that can slow processes or produce operational issues like off-spec conditions

Two Cybersecurity Actions to Start Now

As the benefits of connectivity increase, the threat of cyber incidents increases in tandem. Operations personnel must begin tapping into available cybersecurity techniques and technologies, many long familiar to IT, in order to protect their OT production environments. Two fundamental actions you can start now include:

1. Cybersecurity Best Practices
Separating the OT & IT networks with firewalls & disabling connectivity between industrial production devices & the global Internet

2. Ongoing Asset and Network Visibility
Establishing & continually maintaining insight into network operations in real time, inclusive of maintaining an accurate asset inventory

Asset visibility is not just about security; it can also be integral to process stability and optimizing quality and yields.

In the next entry in this blog series, we will dive deeper into other guidance to help reduce the risk of a cyber event negatively impacting safety, quality and productivity of your manufacturing operation.