In previous blogs in this series, we looked at one of the unintended consequences of implementing Industry 4.0 technologies and processes – the increased attack surface. In other words, the more equipment you connect, the larger the target for would-be attackers. We also looked at the challenges of dealing with this Industry 4.0 cybersecurity issue, and we outlined the main best practices.
In this final blog in the series, we outline the Industry 4.0 cybersecurity risk mitigation process. This process will help you overcome the challenges of cybersecurity and protect that ever-growing attack surface.
There are three main parts of this risk mitigation process:
- Assess
- Secure
- Monitor
1. Assess Industry 4.0 Cybersecurity Risks
Cybersecurity Maturity Assessment
This part of the process starts by conducting a cybersecurity maturity assessment of your organisation with the aim of identifying risks to OT equipment and systems.
Risk Evaluation and Prioritisation
Once risks are identified, they need to be evaluated and prioritised to assess the probability of occurrence and the level of harm that could be caused. Those with a high probability of occurring and a high level of harm should be the highest priority.
Remember, however, that cybersecurity risk evaluation is not just about looking at the immediate threat. You also need to look at the root cause.
For example, one area that might be identified as high risk is malware knocking systems offline or putting data at risk. The probability of this occurring is high as malware attacks are commonplace. If such an attack is successful, it is likely to have a significant impact. Therefore, it makes sense to mitigate this risk.
Further analysis might reveal there is insufficient monitoring of malware and a poorly configured firewall. There might also be security patches that have not been applied.
You should put in place mitigation measures to harden these technology and process weak points. However, this doesn’t necessarily get to the root cause of the problem. Let’s track it back in reverse order:
- Malware isn’t spotted, so it gets control of part of the system.
- It got through the firewall because it wasn’t configured properly.
- It got to the firewall because a security patch wasn’t applied to part of the system.
- The malware got into that part of the system because an individual with access used a USB device on a connected piece of equipment.
- The use of USB and similar devices is widespread because of a general lack of understanding of the cybersecurity risks they pose.
There is definitely a technology problem in the above scenario. However, when you track the issue back to its root cause, it is also a people problem. Therefore, you need an end-to-end solution that includes technology, processes, and people:
- Technology – improve malware monitoring and firewall configuration
- Processes – ensure security patches are properly applied and develop a policy on the use of USB and similar devices
- People – conduct regular training for staff on cybersecurity risks and how to mitigate them
Once you have identified, evaluated, and prioritised the risks, the next step is to identify mitigation measures.
2. Secure Your OT Equipment
In this part of the risk mitigation process, it is important to understand that while a holistic approach is essential, the practicalities and realities of IT and OT can be contradictory.
This especially applies in fields like pharmaceutical and medical device manufacturing, as there are patient safety and compliance requirements. This creates situations where IT systems can be completely locked down for cybersecurity reasons while a certain degree of openness is required for OT systems to allow data to pass through.
Another example of the practical differences is the application of security patches. In most IT systems, security patches can be applied immediately. Greater care must be taken with OT systems, however, as the patch itself must be risk assessed and qualified. This is because applying a security patch could reduce the availability of a piece of equipment, impacting essential metrics like production line output and OEE (overall equipment effectiveness).
This is before you even consider the fact there will be OT systems and equipment operating on production lines that are no longer supported by the manufacturer, so security patches are not being developed.
It is also important to take into account the nature of the equipment and systems being used, as this will also impact the steps required to make them secure. In IT security, equipment and systems are likely to be relatively new, while in the OT environment, it is not unusual to see equipment and systems that are decades old.
During the process of developing mitigation steps to secure your OT equipment against identified risks, there are some key points to consider:
Identity and Access Management
Identity and access management are essential cybersecurity components, but they are particularly important when third-party contractors are working on OT systems. If the contractor is physically present on the factory floor, they will have gone through the company’s security protocols. However, it is now increasingly possible for engineers to remotely work on manufacturing lines and equipment. Security measures for remote access are often much weaker than those in place for physical access, so there is usually room for improvement.
Use Reliable Partners and Vendors
It is also important to use trusted vendors and engineering teams that prioritise security when developing or updating systems and software. A track record of success is important too.
Reduce the Attack Surface Where Possible
A lot of the focus of Industry 4.0 cybersecurity involves securing the increasing attack surface, but there are also steps you can take to reduce potential access points for an attack. This includes removing unneeded systems and equipment
3. Monitor the Effective of Your Cybersecurity Risk Mitigation Measures
The final step in the risk mitigation process is the continuous monitoring of your mitigation measures, including through the use of automation and machine learning technologies.
You should also build in levels of redundancy wherever possible, so there are alternatives if a system or piece of equipment has to be taken offline for cybersecurity reasons.
Ensuring maximum resiliency is important, too, including ensuring you take regular system and data backups. You should also have an up-to-date disaster recovery plan, and it should be regularly tested, assessed, and reviewed.
An Ongoing Process
The process outlined above should become a constant feature of your operations, given the increasing fluidly of the manufacturing sector and the constantly changing nature of the cybersecurity threat profile. Prioritising cybersecurity and continuous vigilance are the solution.