How IIoT has raised the cybersecurity bar in manufacturing facilities

The widespread use of connected IoT devices in industrial environments has made them a target for cybercriminals. Because of this, security managers today now have a much larger threat surface to manage, as many critical assets for manufacturing exist in operational technology (OT) environments.

IIoT makes facilities more vulnerable

Acquiring plant and production data for business intelligence, analytics and decision-support help manufacturing facilities run more efficiently and is key to competitive success. This is all accomplished through industrial automation and the Industrial Internet of Things (IIoT); however, it has introduced security gaps into production organizations.

With most machines and components in a factory networked where IIoT technology is fully implemented, manufacturers have become vulnerable to cyberattacks from anywhere in the world. That is why robust cybersecurity solutions are essential.

“When field I/O such as gauges, valves and actuators become IP addressed and data-available through the internet, it becomes even more critical to protect the PLCs and HMIs that manage those internet-connected devices,” said Kevin Senator, CEO of Bayshore Networks.

One way to do this is by deploying solutions that secure one-way data transfer of highly sensitive information and database replications to applications such as ERP, MES, PIM, PLM and others. Adopting cybersecurity technology such as this helps facility security managers avoid the cost, time, and complexity of network segmentation projects on flat architectures within manufacturing environments, according to Senator.

More investment in cybersecurity needed

Companies today are investing more heavily in industrial automation. And while there is tremendous business value in adopting connected devices in industrial settings, Curtis Simpson, CISO of Armis, noted that most of these devices are built with minimal security precautions in mind and cannot be monitored by traditional security stacks. That is why it is equally important that security teams are given the necessary resources to secure their organization.

“It is critical that companies invest in technology that provides them with complete visibility into the IT, OT and IoT assets within their environment in a passive, continuous manner. If they are unable to track every device in their network, establish baseline patterns of behavior and begin monitoring for anomalous activity, it is only a matter of time before a breach occurs or propagates through such devices,” Simpson explained.

When a breach does occur, a lack of visibility could have an equally damaging effect on incident response capabilities. Simpson stressed that failure to understand the devices involved in an attack limits a facility’s ability to effectively respond to the attack, minimize the exposure and restore critical operations with confidence. This is especially important as the tolerance for downtime in such environments is continuously reducing.

Compliance with standards

In order to address the growing need to better protect industrial automation and control systems (IACS) from security vulnerabilities, the ISA/IEC 62443 series of standards — which includes technical reports and other related information — was developed. According to the International Society of Automation (ISA), the standard “provides a flexible framework to address and mitigate current and future security vulnerabilities in industrial automation and control systems.”

The most recent standard ISA-62443-4-2 was introduced in 2018 and addresses technical security standards for IACS components, specifically the embedded devices, network components, host components and software applications. Keeping up with and being in compliance with these standards can help manufacturers mitigate cybersecurity threats.