To stay ahead of adversarial attacks, mid-size manufacturers must lean on the cybersecurity strengths of cloud service providers
For the second year in a row, manufacturing was the top cyber-attacked industry, according to IBM research. These attacks can shut down plants and force manufacturers to pay millions to regain access to their systems. For some manufacturers, these attacks keep them from investing in new technologies, especially cloud-based ones. But this is shortsighted. Not only is greater digitalization necessary to stay competitive in an evolving manufacturing landscape, but advanced digitalization can be a cybersecurity solution rather than a liability.
Think of it like this; if you were looking to keep your money safe, would you hide it under the mattress or put it in a bank? Hiding it under the mattress keeps it close and can give a sense of security, but given banks’ expertise and investments in security, money is certainly safer in a bank than under a mattress. The same logic can be applied to data. While it’s tempting to keep all your systems and data on-premises – a bit like hiding your money under the mattress – the safer option is to lean on the cybersecurity expertise and resources of a cloud service provider. With cloud storage, your data might not be physically close, but it’s far safer.
Back to basics: Cloud cybersecurity
In its most basic form, cybersecurity boils down to three principles:
Confidentiality: controls access to sensitive information and grants access only to required parties/individuals.
Integrity: maintains accuracy and trustworthiness of data; unauthorized individuals or processes cannot change data.
Availability: ensures information is accessible for authorized individuals.
To extend the bank analogy, confidentiality ensures that only individuals you’ve authorized can get into your vault. Integrity ensures that the contents of your vault remain unaltered and undamaged. And availability ensures you can access your vault when you need to.
Cloud-based manufacturing systems deliver on all three of these. Combining an authorization framework like OAuth2 with Active Directory (AD), which offers comprehensive authentication and authorization service through role-based-access-control (RBAC), ensures confidentiality; cutting-edge data quality and assessment tools ensure the health and integrity of your data; and by hosting systems on the cloud, your data is available to you from anywhere in the world in a secured way. Technologies like multi-factor authentication further reduces the risk of unauthorized access, enhancing the confidentiality of sensitive information.
Of course, on-premises solutions can deliver confidentiality, integrity, and availability as well, albeit in different ways. The key difference is the responsibility of cybersecurity. With on-premises solutions, the manufacturer is responsible for overseeing cybersecurity. At large enterprises, this might be doable with a team of highly trained experts. But most mid-size manufacturers can only afford a very small IT team. The beauty of cloud-based solutions is that cybersecurity largely falls on the cloud provider, whether Microsoft, Amazon, or Google. These companies employ larger teams of cybersecurity experts than even the largest manufacturers could ever dream of.
The cloud security best practices for manufacturers
Security by design
When investing in cloud-based technology, manufacturers must consider cybersecurity. While some technologies make cybersecurity an afterthought, others embed security in the design, following security by design principles. Security by design is a security assurance approach to software design that follows a set of principles, including:
- Defense in depth
- Secure by default
- Least privilege
- Separation of duties
- Minimized attack surface
- Complete mediation
- Open design
- Isolated compartments
- Evidence production
- Application coding best practices
- Consistent application of patches and security updates
While you may not be able to easily see all the ways a software company applies these principles, they often play out in features such as role-based access, two-factor authentication, and limiting system communication to the workspace.
Encourage a cybersecurity-aware team
Every company has one vulnerable access point in common: employees. For example, one of the simplest ways a hacker infiltrates is through an employee clicking on a phishing email. A strong IT team can only protect so much. Employers must encourage all employees to be vigilant about cybersecurity.
Employee cyber awareness is crucial to keeping a manufacturer safe from attacks. While the onus of responsibility for employee cyber awareness ultimately falls on a manufacturer, a cloud-service partner can assist in educating personnel. Targeted cybersecurity training, such as how to spot a phishing email, could save a manufacturer thousands of dollars and weeks of downtime.
Bring IT and OT together
IT and OT systems and their teams have lived in separate worlds for years and thus have different processes for many things, including security. However, digitization often involves greater and newfound connectivity between IT and OT systems. Therefore, manufacturers must integrate their approach to IT and OT security.
OT systems are integral to manufacturing, but their security has generally lagged behind IT. Often, legacy OT systems that “work well enough” are left unpatched and operate on outdated system versions. This lax security makes OT systems prime targets for hackers.
To make matters worse, 55% of organizations have inaccurate or no inventory on industrial assets. You can’t protect assets that you don’t even know you have. Therefore, gaining a clear view of OT infrastructure and assets is critical in creating a cybersecurity plan to improve network hygiene and to enhance security. Then, once you have a clear picture of your infrastructure, you should bring IT and OT stakeholders together to develop a cybersecurity plan that takes into account the unique nuances of each.
Teamwork is key to cybersecurity
Data is rapidly becoming enterprises’ most valuable asset. CEOs know this, and so do hackers. As the manufacturing industry continues its technological progression, stealing, ransoming, and corrupting manufacturer’s data will be a lucrative business for hackers. Manufacturer’s must be prepared for this. But they don’t need to do so alone. By moving to the cloud, manufacturers can team up with the best cybersecurity teams in the world to stay one step ahead of adversarial attacks and keep their data and their businesses safe.
About the Author
Kausik ‘KD’ Dasgupta is CTO at FactoryEye North America, part of Magic Software. Magic Software is a global company with 4 decades of IT experience in Industry 4.0, integration, and low code environment. Thousands of enterprises and partners around the world use our solutions, to develop, deploy, and integrate on-premise, mobile, and cloud-based business solutions.
Featured image: ©IEDNlab