It would be nice if cyberattacks started to slow down. Unfortunately, that doesn’t seem to be the case, especially for industrial organizations. Earlier this year, Trend Micro Incorporated announced new data showcasing that “89 percent of electricity, oil and gas, and manufacturing firms have experienced cyber attacks impacting production and energy supply over the past 12 months.” The study also found that in comparison to IT, OT security functions tend to be less mature in regards to risk-based security.
Whether these are new or simply rebranded groups, it’s clear that manufacturing needs to watch its back. And, no, it doesn’t matter what you’re manufacturing. Targets have ranged from cosmetics to metal products. For instance, one of the world’s largest copper producers, Germany’s Aurubis, was recently forced to switch to manual administrative operations while investigating a cyberattack.
Organizations Are Stepping Up Their Cybersecurity Game
It’s not all bad news, though. We’ve been facing these challenges for a bit now. Sure, they are constantly evolving. However, operators are starting to become savvy to the trend and stepping up their cybersecurity game and conducting more security audits, which, in the long run, will help to circumvent new threats.
The increase in security audits, specifically, brings us to the point of this blog post. As cyber risks persist and progress in addressing them is made, it is critical that understanding the asset inventory of the plant floor is a part of the mix. Essentially, this should be a complementary task to an audit. However, as Dino Busalachi writes for Smart Industry, “Maintaining accurate, up-to-date technology-asset inventories has always been a challenge in manufacturing environments.” Manual methods can be extremely costly and time-consuming. And in today’s landscape, it’s possible that what is found is irrelevant by the time the review is completed.
Maintaining A Strong Security Posture on the Plant Floor
Despite difficulty, demand for these inventories is stemming from a number of places, including regulators. For example, “The US Department of Homeland Security Transportation Security Administration has established standing requests for updated asset inventories in the transportation and power sectors,” Busalachi explains in the same article. Needless to say, comprehensive asset checks are increasingly important and in need of updating. So, find partners that can help develop a strategy for completing this process, offer tools that can help to automate it and have the proper cybersecurity expertise to navigate the OT environment of a plant floor and the supply chain it relies on.
It’s a lot easier to protect your territory when you’ve mapped it out. This proactive step will allow you to identify, handle and prevent vulnerabilities, ensuring that you remain in control of your operations.
Sources
- “Cyberattack Hits German Copper Manufacturing Giant” – Akshaya Asokan, Bank Info Security
https://www.bankinfosecurity.com/cyberattack-hits-german-copper-manufacturing-giant-a-20378 - “The keys to knowing what OT assets you’ve got and how to protect them” – Dino Busalachi, Smart Industry
https://www.smartindustry.com/benefits-of-transformation/cybersecurity/article/21437345/the-keys-to-knowing-what-ot-assets-youve-got-and-how-to-protect-them - “Cyber Attacks Against Critical Infrastructure Quietly Increase” – Dan Lohrmann, Government Technology
Learn about DYNICS’ ICS360.Defender – an industrial control system security platform.
