Managing Cybersecurity Risks in Digital Environments

Manufacturing production teams are expected to do more with less, from achieving higher output and shorter lead times to more product customization. Deploying automation and technology, ranging from robotics to smart manufacturing software that connects IT and operational technology (OT), is an attractive means of supporting and optimizing production. However, as new technologies are introduced to facilities’ IT landscapes, and IT and OT networks converge to take full advantage of modern manufacturing technology capabilities, there are serious cybersecurity risks that organizations must consider in their digital transformation and technology adoption strategies.

The State of Robotics and Digital Technology in Manufacturing

Once considered hype, deploying automated and collaborative robotics has become a key focus of many manufacturers as they navigate the challenges of production in today’s fast-paced business environment. Nearly half (40%) of manufacturers have already invested in collaborative robots (cobots), and even more manufacturers (47%) have also invested in automated mobile robots and guided vehicles, according to Rockwell’s 8th Annual State of Manufacturing Report.

These investments are also providing significant returns to manufacturers. Out of all technology deployments, 18% of manufacturers agree that automated mobile robots and guided vehicles provided the best ROI. This is, in part, due to the quick deployment of robots once investments and deployment strategies are determined, which is demonstrated by 35% of manufacturers stating that automated mobile robots and automated guided vehicles are employed in manufacturing processes today. Therefore, nearly 75% of manufacturers who have invested in robots are already using them in day-to-day production processes and receiving ROI from their deployment.

In manufacturing environments, automated robots provide numerous benefits to enterprises and their workforce. For instance, robots can help protect workers and increase safety by taking over dangerous and dull aspects of production. Using work instructions and production details contained in manufacturing execution systems (MES) and quality management systems (QMS), as well as other core business systems, robots can more precisely execute certain aspects of manufacturing, such as cutting and shaping automotive components and panels or sheet metal. This reduces the risk of human error and wasted materials stemming from parts containing production errors. Robots can also work 24/7, performing tedious and dull tasks that do not require human oversight when human workers are off the clock.

The same challenges of tight production schedules, increased output and a lack of available workers are also driving manufacturers to adopt digital technology solutions. It’s been reported that 97% of manufacturers have already adopted, are currently adopting or are considering adopting smart manufacturing technologies and digital solutions to overcome obstacles to success. Manufacturers also cite process automation as the technology that provides the largest ROI.

A key component of enabling process automation is investment in digital cloud technologies that link IT and OT networks. Digitalizing manufacturing solutions, including MES, QMS and other core manufacturing business systems are essential to achieving process automation and realizing the benefits that accompany optimized production. However, despite the benefits provided by digital technology solutions and robots, there are significant security risks tied to deployment that manufacturers cannot overlook.

Risks with Robotics and Digital Solutions

While manufacturers are focused on internal challenges, such as balancing quality and growth and worker retention, as well as external obstacles to growth and success, such as inflation and raw material shortages, many manufacturers don’t recognize the cybersecurity risks associated with digital transformation and deployment of new technologies. In fact, cybersecurity risks were deemed the sixth biggest challenge facing manufacturing businesses today, topping inflation and supply chain disruptions among other obstacles.

Deploying automated robots and cobots also introduces new ways for bad actors to negatively impact production and safety. Cyberattacks on IT and OT networks can result in data breaches, IP theft and production blockages. However, in addition to these risks, cyberattacks on automated robots can cause risks to worker safety and customer safety. For example, a cyberattack on a robotic arm designed to lift thousands of pounds of material and move at rapid speeds could cause the arm to lose track of its position in the facility and injure a worker. Alternatively, the robotic arm’s control parameters could be maliciously altered to introduce errors and risks into production processes, potentially leading to unsafe finished products.

Despite a lack of awareness of cybersecurity risks, Gartner predicts that by 2025, 45% of global organizations will be impacted by a supply chain cyberattack. The thing about cybersecurity risks, unlike raw material shortages or workforce challenges, is that the manufacturer has the capability to avoid them.

Cybersecurity attacks tend to target IT systems, as they connect enterprises with the outside world and serve as a logical entry point for malware and phishing attacks. Prior to widespread cloud and automation technology adoption, when IT and OT networks were inherently separated, manufacturers didn’t have to worry about cyberattacks impacting production. While IT systems contain protected data surrounding production processes and customer information, they do not control the actual production of a manufacturing facility in the way that OT systems do.

With the proliferation of robotics and digital technologies, there are multiple connections between OT and IT networks to facilitate information exchange and real-time updates. These can include: wireless connections between robots and IT or OT systems; human machine interfaces (HMI); programmable logic controllers (PLC); supervisory control and data acquisition (SCADA) systems, which enable the automation of industrial processes by capturing OT data in real time; and engineering workstation applications.

If OT networks are compromised in a cybersecurity attack, it could bring down an organization’s entire facility. This not only slows the pace of business for the attacked organization but causes rippling delays throughout entire supply chains. For food and beverage companies, cyberattacks could jeopardize confidential recipes or alter ingredients used in food production, which could lead to consumer safety risks. In water treatment, cyberattacks could cause facility monitoring systems to become unreliable through malicious tampering, adjusting the levels of chemicals such as chlorine, which could poison the local community. As the industry’s understanding of cybersecurity risks evolves, so must OT cybersecurity protections and practices.

Best Practices for Manufacturing Environments

Taking proactive steps to shore up vulnerabilities through infrastructure security solutions will reduce these organizational and operational risks. Developing a comprehensive, proactive cybersecurity strategy for manufacturers can be a daunting task. As companies evaluate and enhance cybersecurity hygiene and converged IT and OT security strategy, the National Institute of Standards of Technology (NIST) Cybersecurity Framework (CSF) recommends five essential areas to prioritize. By following these steps, organizations can enhance cybersecurity and ensure a resilient and secure manufacturing environment.

1. Identify

Begin by conducting a thorough inventory of your network assets. This includes industrial control systems as well as any new software or devices used by employees. Understanding what is connected to your network is crucial for effective security.

To gain a precise understanding of what requires protection, assess operations from a Zero Trust perspective, employing a Protect Surface methodology that prioritizes critical data, assets, applications, and services (DAAS) in order of importance. Implement the most suitable Protect controls as closely as possible to the assets being safeguarded.

2. Protect

Implement safeguards to protect your assets against evolving cybersecurity threats. Select control measures that align with compliance standards or security frameworks, such as the NIST CSF. These may encompass multifactor authentication, access control, data security, perimeter network deployment and micro segmentation. Additionally, implement protective measures such as CIP product security, perimeter hardening, firewall deployment and patch management. By employing these countermeasure controls, manufacturers can proactively manage risk and protect crucial data vital to operations.

3. Detect

Constant vigilance is necessary to detect and respond to cyber threats. Having comprehensive knowledge of all endpoints within an organization’s network, including plant-floor assets, laptops, mobile devices, security cameras and USB ports, is crucial. Additionally, real-time visibility into the activities of others accessing and manipulating these assets is essential.

Threat detection services play a vital role in monitoring and identifying the growing complexity of threats. These services provide visibility across both IT and OT environments, enabling real-time monitoring, deep network inspection, and detection of malicious activities. An OT security operations center (SOC) staffed with experienced security professionals offers a valuable combination of expertise, technology and real-world experience. This level of cybersecurity protection is challenging for individual organizations to replicate at the same cost. As security operation tools converge in IT, such as security information and event management (SIEM) and security orchestration, automation and response (SOAR), such tools will soon be integrated into production environments.

4. Respond

In the event of a security incident, it is crucial to respond swiftly to contain and mitigate the threat. Having a mature incident response plan in place, along with access to threat detection services, is vital for effective risk management. Regularly test and refine your response plans to ensure readiness.

5. Recover

After a security-related downtime event, prioritize the quick restoration of production operations. Use backup and recovery services to maintain near real-time records of production and application data. By having these resources available, you can expedite the recovery process and quickly restore operations following an incident. Once operations are back to normal, conduct a thorough analysis of the incident to identify the root cause and address security gaps. Conducting this analysis will shed light on strategies to address security vulnerabilities, enhance the company’s overall security stance and bolster organizational resilience against future threats.

Cybersecurity and the Future of Manufacturing

Exposures can extend much longer in OT environments when compared to IT, and those exposures are made worse when leaders are not fully aware of the scope of the problem. Industrial organizations must prioritize safety and reliability to protect against cyberattacks. And do so quickly.

The adoption of automated and collaborative robots and digital technology solutions, including MES, QMS and other core business systems, is on the rise. However, there are serious cybersecurity risks that manufacturers must consider in their digital transformation and technology adoption strategies. Cybersecurity attacks can have catastrophic consequences on the production process and entire supply chains, making it crucial for manufacturers to implement OT cybersecurity protections and practices to avoid cyberattacks. By understanding these risks and adopting best practices for cybersecurity, manufacturers can continue to optimize production and reap the benefits of automation and digital technology solutions.