It’s time to give operations teams the digital tools they need for security

October 12, 2018 – On the factory floor, every new connection point is an opportunity for operations teams to monitor, analyze and optimize performance. It’s also a security risk.

As connectivity increases through networked sensors, devices and other Internet of Things (IoT)–enabled equipment, so does complexity – and so do security concerns. Providing operations technology (OT) teams with IT network connectivity, and not a cybersecurity backbone to ensure the network stays secure, is not enough.

Consider that every new asset you put on the network is another security consideration, and another risk that requires monitoring. In many factories, the sheer number of assets is making it difficult for OT professionals to understand their security posture, let alone have visibility across the entire network, at any given moment.

Many manufacturers also lack the digital tools to identify what normal network activity looks like, which makes it almost impossible to identify threats when an abnormal condition arises. Why? Industrial control system (ICS) environments consist of many types of equipment operating many different industrial IoT protocols. Getting a centralized view is difficult, to say the least.

These networked assets have made manufacturing environments an attractive target for cybercriminals, who understand that many are vulnerable to threats. These cybercriminals use ransomware to extract money from manufacturers, often by threatening to shut down production or delete intellectual property. And let’s not forget that much of the equipment in Canadian factories is more than 20 years old. It was never designed to guard against sophisticated cyberattacks.

So what does this all mean? It means that it’s time to give OT professionals the digital tools they need to keep factories secure. It means that OT must take ownership of cybersecurity. And it means that IT professionals need to help.

To start, many OT professionals do not have sufficient training or education in cybersecurity, which are necessary to manage and protect against advanced ransomware and other threats. Manufacturers must make it a priority to educate their operations teams in this area. Because while your IT department can, and should, help operations teams understand and manage security policies, they are not familiar with the complexities of factory operations and manufacturing technologies.

The key, then, is for OT and IT professionals to work together to keep factory equipment and networks secure. IT has the expertise to provide operations with the tools and training needed to secure factory networks, and OT has the manufacturing expertise required to advise IT on the nuances of a production environment.

Here are four ways that IT and OT professionals can work together to provide OT with the digital tools that keep factories secure:

1. Empower OT while keeping IT in control of security
   What: Allow IT to define security policies that dynamically apply themselves based on OT’s intentions and input. Why: OT needs to be able to take ownership of security to ensure continuous operations, but requires IT expertise to do so.
2. Segment networks
   What: Create discrete network zones within your overall topology that restrict access and prevent infection. Why: Cybercriminals are looking for any entrance point they can find. For example, one case of the WannaCry ransomware attack in May 2017 started from a single workstation that was connected to the network at large. Segmentation helps to prevent infections from spreading too far.
3. Provide a full view of industrial network topology for OT
   What: Empower OT with a centralized network dashboard so they can stay abreast of conditions and deep dive into individual assets.
   Why: OT needs better context around security to successfully enforce it.
4. Enable remote access
   What: Enable secure, remote access to securely bring in remote expertise such as contractors and vendors to help solve issues, apply patches and more, without needing to involve IT in every incident.
   Why: Allowing OT to enable access to select assets for third-party organizations helps increase agility and ensure continuous operations.

To maintain all processes and keep factories safe from cyber threats, OT professionals need to be more self-reliant. Without visibility into the network, they can’t understand activity or identify anomalies. And without the ability to manage and apply security policies, they’re too dependent on IT – slowing down responses, creating confusion and impacting productivity. By giving operations teams the right digital tools to understand and protect against threats, all manufacturers will sleep better at night.

Jennifer Rideout is the manufacturing marketing manager for Cisco Canada. She is responsible for developing go-to-market strategies for the manufacturing sector in Canada, including channel alignment and content development.

This article originally appeared in the October 2018 issue of Manufacturing AUTOMATION.