According to Manufacturing.net, global spending on digital transformation is expected to grow to $2.8 trillion by 2025. Manufacturing industries make up around 30% of that transition. The move further toward this environment offers necessary updates to plant floors and other industrial settings, provides greater efficiency, and was certainly pursued in 2022. There’s no doubt that this trend will continue in 2023. But as it does, ICS cybersecurity will need to be prioritized more than it’s ever been.
Greater Cross-Sector Cooperation
While many strides have already been made, it is predicted that 2023 will bring even more cross-sector driven efforts to enhance cybersecurity. Along with the release of industry-specific guides, Director of the Cybersecurity and Infrastructure Security Agency (CISA), Jen Easterly, stated that the agency will aim to build more infrastructure cybersecurity plans for areas such as water. Plus, the European Union has proposed a legal framework around critical infrastructure cybersecurity. In an article for Security Boulevard, Danielle Jablanski adds, “New direction and bolstered industry involvement will produce greater situational awareness, trust, and resolve across the critical infrastructure security community.” Part of that will be increased information sharing. In the new year, developing more inclusive communication to learn from one another will be an essential element of evolving ICS practices.
How to Step Up Industrial Cybersecurity in 2023
Alongside seeking out comradery within and outside of your specific industry as well as keeping up with agency resources and regulations, there are other immediate steps that can be taken when strategizing how to protect operations such as plant floors in the new year. To start with, conduct a survey that identifies each device and potential vulnerability within the OT network. Next, Scott Dowell suggests in a piece for Manufacturing.net securing “appropriate architecture to handle the complexities of increased digital communication, and group digital assets into isolated Industrial Control System (ICS) zones.” Third, as we’ve stated previously, it is important to establish a cybersecurity policy and implement training for staff to ensure that they are able to properly meet and progress that policy.
Additional tools worth considering are zero trust, remote browser isolation (RBI) and microsegmentation. Both zero trust and RBI help manufacturers and others dealing with ICS keep up with the fast pace of change impacting these systems, including the expanding adoption of web applications and connected devices. Meanwhile, microsegmentation assists in reducing and isolating attacks.
Sources:
- “4 Steps to Shore Up Cybersecurity on the Plant Floor” – Scott Dowell, Manufacturing.net
https://www.manufacturing.net/industry40/blog/22604849/4-steps-to-shore-up-cybersecurity-on-the-plant-floor - “Severe vulnerabilities found in most industrial controllers” – Tim Starks, The Cybersecurity 202/ The Washington Post
https://www.washingtonpost.com/politics/2022/12/14/severe-vulnerabilities-found-most-industrial-controllers/ - “OT Cybersecurity in 2023: Time to Show the Receipts” – Danielle Jablanski, Security Boulevard
https://securityboulevard.com/2022/12/ot-cybersecurity-in-2023-time-to-show-the-receipts/ - “Why the manufacturing sector must make zero trust a top priority in 2023” – Louis Columbus, VentureBeat
https://venturebeat.com/security/why-the-manufacturing-sector-must-make-zero-trust-a-top-priority-in-2023/
Learn about DYNICS’ ICS360.Defender – an industrial control system security platform.
