Building a Resilient World:

Welcome to the official blog of the ISA Global Cybersecurity Alliance (ISAGCA).

This blog covers topics on automation cybersecurity such as risk assessment, compliance, educational resources, and how to leverage the ISA/IEC 62443 series of standards.

The material and information contained on this website is for general information purposes only. ISAGCA blog posts may be authored by ISA staff and guest authors from the cybersecurity community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

All Posts

Automated Manufacturing Cybersecurity Risks

Automation is the use of equipment to automate systems and production processes to reduce work. While factory automation and robotic innovations are thriving in the U.S., Forbes highlights how the country has fallen behind in utilizing automation for manufacturing. With the COVID-19 pandemic, however, there is a strong need to take a fresh look at automated manufacturing with concern to cybersecurity.

Cybersecurity Risks in Automated Manufacturing

As many workforces have gone digital due to the pandemic, there has been an increase in network attacks and intrusions from cybercriminals. Manufacturing is one of the most targeted industries, with Morphisec reporting that one in five companies are targeted by cyberattacks. Hackers are gaining more access to production systems because employees are telecommuting, rather than working on-site.

Some of the major cybersecurity risks to automated manufacturing include:

Cloud and edge computing: Cloud and edge computing are primarily used for data storage. These empower manufacturers with applications like data computing, sales coordination, real-time project collaboration, and enterprise resource planning management. From a security standpoint, an IT team may lack the know-how when it comes to the cloud, as many manufacturers use outdated cloud systems.

Edge computing, on the other hand, requires one to move data and processes to a repository that is physically located at the manufacturer's site. While this gives more control to manufacturers, edge computing also creates a dangerous consolidation of information ripe for a potential enterprise-wide breach.

Integrated technology: Integrated production lines utilize smart sensors and actuators to collect digital data not just to automate machine functionality, but to integrate machine communications and allow a degree of secure remote access. However, these network-connected operations may be open to cyberattacks. The wirelessly-connected input/output points—controlled by apps with Wi-Fi for data flows—are vulnerabilities for entry.

Tips for Mitigating Automated Manufacturing Risks

Here are three tips for minimizing automated manufacturing risks:

Hire the right professionals: Recently, an article from the World Economic Forum discussed how governments and companies are facing a shortage of cybersecurity professionals. This demand can be addressed by retraining people in cybersecurity so that they are capable of countering attacks. Without the right skilled professionals, even a robust cybersecurity system may fail.

Many professionals choose to hone their skills through specialized training, particularly online, as remote arrangements continue to become the norm. Online training also gives professionals the edge to conduct cybersecurity activities remotely, simulating real-world scenarios. Case in point, Maryville University’s online Master’s program in cybersecurity doesn’t just teach technical cybersecurity skills, they also provide a virtual training environment. Through the Maryville Virtual Lab, students can hone their skills in cybersecurity and digital forensics through a safe, virtual environment. Hiring professionals that have done this type of training, or even providing this type of education to an existing IT team, can help mitigate cybersecurity risks.

Assess risks in detail: Different attacks can disrupt production or inflict serious damage to machinery, so a detailed cyber-risk assessment should look at all the products that make up the industrial ecosystem. Cybersecurity consultant Hal Thomas notes that a risk assessment should consider potential threats and vulnerabilities to gauge the likelihood of a successful cyberattack.

Threats can originate from inside and outside a facility, from disgruntled employees or contractors to actions by foreign governments or terrorists. It is crucial to look at these pathways and set up the appropriate countermeasures.

Create a clear response strategy: It’s important to have a clear strategy that boosts cybersecurity systems. A response strategy should include cyberattack insurance, a compliance audit trail, and investments in vigilance training for staff. Setting up policies and procedures around cyber safety can create an internal culture that helps safeguard sensitive data.

Rebecca Jess
Rebecca Jess
Rebecca Jess has an interest in all things tech-related. She enjoys learning and writing about the latest developments and changes in a variety of fields. She loves going on hikes with her Labrador, Bailey.

Related Posts

Industrial Control Systems Certification

An increasing number of intentional attacks are being detected that target industrial control systems (IC...
Nikhil Kapoor Jun 7, 2024 7:00:00 AM

Most Cybersecurity Teams Are Unprepared for AI Cyberattacks

Cybersecurity teams aren’t the only ones using artificial intelligence to their advantage — cybercriminal...
Zac Amos May 31, 2024 4:02:28 PM

Protecting Vital OT Infrastructure: Key Strategies for OT Penetration Testing

Operational technology (OT) cybersecurity faces significant challenges in maturing its operations and pro...
Mohannad AlRasan May 24, 2024 4:44:16 PM