Automated manufacturing cybersecurity risks

There is a strong need to take a fresh look at automated manufacturing with concern to cybersecurity. Three risks and three tips are highlighted.

By Rebecca Jess April 17, 2022
Image courtesy: Brett Sayles

Automation is the use of equipment to automate systems and production processes to reduce work. While factory automation and robotic innovations are thriving in the U.S., the country has fallen behind in utilizing automation for manufacturing. With the COVID-19 pandemic, however, there is a strong need to take a fresh look at automated manufacturing with concern to cybersecurity.

Three cybersecurity risks in automated manufacturing

As many workforces have gone digital due to the pandemic, there has been an increase in network attacks and intrusions from cybercriminals. Manufacturing is one of the most targeted industries, with Morphisec reporting that one in five companies are targeted by cyberattacks. Hackers are gaining more access to production systems because employees are telecommuting, rather than working on-site.

Some of the major cybersecurity risks to automated manufacturing include:

1. Cloud and edge computing: Cloud and edge computing are primarily used for data storage. These empower manufacturers with applications like data computing, sales coordination, real-time project collaboration, and enterprise resource planning management. From a security standpoint, an IT team may lack the know-how when it comes to the cloud, as many manufacturers use outdated cloud systems.

2. Edge computing, on the other hand, requires one to move data and processes to a repository that is physically located at the manufacturer’s site. While this gives more control to manufacturers, edge computing also creates a dangerous consolidation of information ripe for a potential enterprise-wide breach.

3. Integrated technology: Integrated production lines utilize smart sensors and actuators to collect digital data not just to automate machine functionality, but to integrate machine communications and allow a degree of secure remote access. However, these network-connected operations may be open to cyberattacks. The wirelessly-connected input/output points—controlled by apps with Wi-Fi for data flows—are vulnerabilities for entry.

Three tips for mitigating automated manufacturing risks

1. Hire the right professionals: An article from the World Economic Forum discussed how governments and companies are facing a shortage of cybersecurity professionals. This demand can be addressed by retraining people in cybersecurity so that they are capable of countering attacks. Without the right skilled professionals, even a robust cybersecurity system may fail.

Many professionals choose to hone their skills through specialized training, particularly online, as remote arrangements continue to become the norm. Online training also gives professionals the edge to conduct cybersecurity activities remotely, simulating real-world scenarios. Case in point, Maryville University’s online Master’s program in cybersecurity doesn’t just teach technical cybersecurity skills, they also provide a virtual training environment. Through the Maryville Virtual Lab, students can hone their skills in cybersecurity and digital forensics through a safe, virtual environment. Hiring professionals that have done this type of training, or even providing this type of education to an existing IT team, can help mitigate cybersecurity risks.

2. Assess risks in detail: Different attacks can disrupt production or inflict serious damage to machinery, so a detailed cyber-risk assessment should look at all the products that make up the industrial ecosystem. Cybersecurity consultant Hal Thomas notes that a risk assessment should consider potential threats and vulnerabilities to gauge the likelihood of a successful cyberattack

Threats can originate from inside and outside a facility, from disgruntled employees or contractors to actions by foreign governments or terrorists. It is crucial to look at these pathways and set up the appropriate countermeasures.

3. Create a clear response strategy: It’s important to have a clear strategy that boosts cybersecurity systems. A response strategy should include cyberattack insurance, a compliance audit trail, and investments in vigilance training for staff. Setting up policies and procedures around cyber safety can create an internal culture that helps safeguard sensitive data.

– This originally appeared on ISA Global Cybersecurity Alliance’s website. ISA is a CFE Media and Technology content partner.


Author Bio: Rebecca Jess, ISA Global Cybersecurity Alliance