Get Started
Balancing risk

ARTICLE | September 27, 2023

Bolstering OT to keep manufacturers safe

As factories become more integrated into the broader business, cybercriminals are increasingly exploiting them in their attacks

By Sascha Brodsky, Workflow contributor

In today's interconnected world, where manufacturing systems are seamlessly integrated into broader business operations, cyber threats loom larger than ever. 

An array of internet of things, RFID, and other operational technologies (OT) utilized on the factory floor can serve as entry points for cybercriminals to tunnel into corporate IT, or vice versa. 

Yet safeguarding these critical OT systems often takes a backseat to securing high-profile IT operations, leaving industrial environments exposed to cyber risks and susceptible to attacks. 

Companies may soon find themselves struggling to keep up with digital intruders, whose criminal sophistication continues to grow. In a survey by ServiceNow and Dynata, only 34% of respondents said they planned to make a large investment in methods to protect from cyberattacks. 

It’s no surprise that IT operations overshadow their OT counterparts in terms of funding and strategy. After all, protecting customer data and business-critical information is of paramount importance. But doing so shouldn’t come at the expense of securing an OT landscape, whose vulnerabilities can leave manufacturers with security risks and exposed to potentially devastating attacks that could disrupt production, cause machinery to malfunction and endanger employee or public safety, as well as compromise sensitive data and tarnish a company's reputation.

“Operationally, the primary objective of OT is to provide safe and reliable operation,” says Steve Mustard, an independent automation consultant and subject matter expert of the International Society of Automation. And historically, these systems were typically self-contained on-site. “As a result,” says Mustard, “there were no demands for securing the technology. Now, these systems are connected to the internet, as well as business systems in IT environments,” making security a more central issue. 

What’s more, because OT environments are so complex, manufacturers often don’t know how vulnerable they are—and therefore haven’t invested sufficiently in OT cybersecurity. Only 35% of manufacturers said they had a single, comprehensive view of OT vulnerabilities, according to ServiceNow and Dynata’s survey.
 

35%

of manufacturers said they had a single, comprehensive view of OT vulnerabilities

 Workflow Quarterly

Making risk pay

Read more

Cybercriminals are starting to pay more attention to OT. In 2021, there were 64 publicly reported operational technology cyberattacks, marking a 140% increase in OT data breaches compared to the previous year. Roughly 35% resulted in physical disruptions, including a ransomware attack against Dole, which caused a plant shutdown and resulted in food shortages. The estimated average damages caused by each attack amounted to $140 million.

The recent convergence of IT and OT has opened new avenues for cyberattackers to exploit. Malicious actors are increasingly targeting interconnected industrial control systems, posing risks to global supply chains and economic stability.
 

Cyberattacks against manufacturers: Why hackers choose OT 

Attackers have varied motives, from causing production disruptions and supply chain issues to engaging in industrial espionage by stealing valuable data and proprietary information, according to a report by PwC. Ransomware attacks are also on the rise. In a 2021 cyberattack, the world's largest meat producer was forced to shut down its nine US beef plants and suffered disruptions at poultry and pork plants. 

“The industry must start focusing on protecting critical infrastructure through robust cybersecurity,” says Hartmut Mueller, vice president and chief transformation officer at ServiceNow. “There’s no longer a gap between IT and OT, and we are seeing the results of deficiencies in security practices every day.”

There’s no longer a gap between IT and OT, and we are seeing the results of deficiencies in security practices every day.

A secure enterprise requires both robust IT and OT security. If one falls short, there will always be increased levels of risk. 

According to the ServiceNow/Dynata survey, manufacturing leaders recognize the significance of improved cybersecurity around OT. Four out of 5 respondents said they put a high priority on improving OT security to preempt attacks more effectively, to prevent factory downtime, and to keep their employees safe. However, only one-third of respondents had actually made significant progress securing their OT systems. 

OT security best practices

The approach to keeping a company safe should be comprehensive and holistic, a combination that includes unifying data and best practices across internal OT and IT teams, as well as managing risk from a large ecosystem of third parties. That includes keeping tabs on older equipment, too, notes William Heinrich, founder of Strong Tower Cybersecurity. “They were installed when cybersecurity practices weren't a concern,” he says. “Additionally, the technology may be old enough that patches for operating systems, software, and firmware are no longer available.”

Assess existing OT systems with risk scores

A good first step to creating more secure systems is an inventory of industrial equipment and a basic risk assessment that includes understanding the consequences of compromise and the vulnerabilities in the OT infrastructure. Mustard suggests asking: How are these systems connected to the network? What types of cybersecurity mechanisms are installed? Are there any vulnerabilities, and are there any patches to close the vulnerabilities? These assessments also need to occur in real-time or near real-time. 
 

Prioritizing the most critical asset vulnerabilities with risk scores enables manufacturers to optimize the continuity of operations. Automated OT service management and intelligent routing can proactively resolve the vulnerabilities and risks that are most pressing. In the survey, manufacturers identify OT service management as the top targeted area to improve operational technology security.

Regular OT security reassessments are integral to organizational safety

To safeguard against future disruptions, a fundamental reassessment of OT security is required, integrating it into the enterprise risk approach that has long been taken for IT. This strategic conversation starts at a C-suite level, helping to define governance and responsibilities across OT and IT teams. By creating a unified operating model, manufacturers can proactively identify vulnerabilities, mitigate cyber threats, maintain compliance, and ensure a more cyber-secure and efficient future for their businesses. 

Prioritizing the most critical asset vulnerabilities with risk scores enables manufacturers to optimize the continuity of operations.

Trending articles

Related

Rethinking business resilience

Read column

Related articles

To grow your cybersecurity muscle, look inside
ARTICLE
To grow your cybersecurity muscle, look inside

Attacks are on the rise and talent is scarce. So retrain the staff you already have

Meet your new GenAI threat hunter
Quarterly
Meet your new GenAI threat hunter

Cybersecurity pros and hackers are locked in an AI arms race. Enterprises can’t afford to come up short.

The importance of cybersecurity threat intelligence
LEARN
The importance of cybersecurity threat intelligence

Understanding cyber threats preemptively allows companies to invest in security more wisely and respond to attacks more quickly. 

Accounting for technology risk
Column
Accounting for technology risk

Banks are transforming themselves to better meet the latest challenges and risks, yet a new survey of global banking executives reveals there’s still a lot more to do

Author

Sascha Brodsky

Sascha Brodsky is a freelance journalist based in New York City. He's a graduate of the Columbia University Graduate School of Journalism and Columbia's School of International and Public Affairs.
Articles by Sascha Brodsky