Tackling cybersecurity threats in manufacturing

The Asia-Pacific (APAC) region is home to powerhouse manufacturing nations like China, Japan, India, South Korea, and the rapidly advancing Southeast Asian countries. This provides a solid foundation for the adoption of smart manufacturing technologies, with APAC being the largest region in the global smart manufacturing market.

Rockwell Automation’s 2024 State of Smart Manufacturing report noted that cybersecurity has risen to the top of the list of external challenges APAC companies face, with 35% of companies citing it as a top external risk and barrier to digital transformation. The report also noted that cybersecurity expertise is the second most in-demand skill that APAC employers are seeking.

Embracing automation, robotics, cloud, and the Internet of Things (IoT) in operational technology (OT) systems heralds a new era of efficiency for manufacturers. Yet, this digital transformation opens potential vulnerabilities to cyberthreats. Security oversight, legacy systems, lack of skilled resources, and proper cybersecurity policies leave many companies vulnerable. Leaders must keep up with security updates to protect old systems. As skilled workers retire, the lack of trained staff also becomes a problem for handling security.

As the region increasingly plays a greater role in global supply chains, it is becoming a more attractive target for attackers seeking to exploit vulnerabilities. According to IBM’s 2024 X-Force Threat Intelligence Index, manufacturers in the APAC region are the primary targets of cybercriminals, with such cyberattacks constituting 46% of all reported incidents. Manufacturers need to prioritise the adoption of comprehensive cybersecurity measures, ensuring that their advancements in technology do not become their Achilles’ heel.

OT cybersecurity overlooked in manufacturing

The adoption of smart manufacturing technology, which integrates IT and OT networks, is on the rise. APAC is currently home to the largest smart manufacturing industry in the world and is expected to expand further by 15.7% in compound annual growth rate through 2030, according to a recent report by Fortune Business Insights.

The integration of IT and OT networks and the adoption of cloud technology facilitate information exchange between systems and physical assets, helping manufacturers make better business decisions. Manufacturers can leverage this information flow by implementing manufacturing execution systems, quality management systems, and other core business systems to help improve productivity, sustainability, and safety. However, the potential security risks associated with deploying these applications and connecting IT and OT networks are often overlooked. If OT networks are compromised, it could lead to the complete shutdown of a manufacturing facility, highlighting the need for manufacturers to recognise these risks and prioritise OT cybersecurity.

For example, Rockwell Automation’s Cybersecurity Incidents in Industrial Operations Report found that a Japanese auto manufacturer suspended operations on 28 production lines across 14 plants for at least a day after a suspected cyberattack hit a key supply chain partner, a manufacturer of plastic parts and electronic components. It’s crucial that manufacturers take proactive steps to address vulnerabilities and strengthen infrastructure security.

Key strategies for manufacturers to fortify cybersecurity

Many manufacturers find themselves grappling with the complexity of securing their industrial networks. While the necessity of building a robust cybersecurity program might be acknowledged, the starting point often remains elusive. The stakes are high: manufacturers risk financial losses due to downtime and damage as well as the compromise of critical equipment and data.

To help safeguard their smart manufacturing investments, manufacturers should implement robust OT cybersecurity practices including:

  • Implementing a zero-trust strategy: Adopting a zero-trust approach is important as it operates on the principle that no user or device, inside or outside the network, should be trusted by default. Implementing this strategy, especially when integrating new technologies, can significantly reduce the likelihood and impact of a successful cyberattack.
  • Segmenting and hardening networks: Network segmentation plays a vital role in cybersecurity. By segregating business-critical assets from non-critical ones, manufacturers can minimise the risk of widespread network breaches.
  • Deploying continuous monitoring: Continuous monitoring allows enterprises to maintain real-time awareness of their environments, identifying and responding to threats as they arise. For example, a semiconductor manufacturer suffered major losses due to invisible OT network threats. By implementing continuous monitoring, it now monitors and alerts for abnormal network activity without disrupting production.
  • Developing an OT-specific incident response plan: If an ICS/OT cybersecurity incident occurs within your facility, manufacturers can minimise its impact on downtime and speed recovery with proper cybersecurity incident response planning. Developing an action plan using a proven incident response framework helps to quickly investigate incidents, triage and quarantine problems, and restore operations. A good plan provides peace of mind to organisations, offering support before and after a cybersecurity incident.

In an era where cyberthreats evolve rapidly, it’s crucial for the manufacturing sector to adopt robust cybersecurity strategies specifically designed to meet the industry’s challenges.