Building a Resilient World:
The ISAGCA Blog

Welcome to the official blog of the ISA Global Cybersecurity Alliance (ISAGCA).

This blog covers topics on automation cybersecurity such as risk assessment, compliance, educational resources, and how to leverage the ISA/IEC 62443 series of standards.

All Posts

Automated Manufacturing Cybersecurity Risks

Automation is the use of equipment to automate systems and production processes to reduce work. While factory automation and robotic innovations are thriving in the U.S., Forbes highlights how the country has fallen behind in utilizing automation for manufacturing. With the COVID-19 pandemic, however, there is a strong need to take a fresh look at automated manufacturing with concern to cybersecurity.

Cybersecurity Risks in Automated Manufacturing

As many workforces have gone digital due to the pandemic, there has been an increase in network attacks and intrusions from cybercriminals. Manufacturing is one of the most targeted industries, with Morphisec reporting that one in five companies are targeted by cyberattacks. Hackers are gaining more access to production systems because employees are telecommuting, rather than working on-site.

Some of the major cybersecurity risks to automated manufacturing include:

Cloud and edge computing: Cloud and edge computing are primarily used for data storage. These empower manufacturers with applications like data computing, sales coordination, real-time project collaboration, and enterprise resource planning management. From a security standpoint, an IT team may lack the know-how when it comes to the cloud, as many manufacturers use outdated cloud systems.

Edge computing, on the other hand, requires one to move data and processes to a repository that is physically located at the manufacturer's site. While this gives more control to manufacturers, edge computing also creates a dangerous consolidation of information ripe for a potential enterprise-wide breach.

Integrated technology: Integrated production lines utilize smart sensors and actuators to collect digital data not just to automate machine functionality, but to integrate machine communications and allow a degree of secure remote access. However, these network-connected operations may be open to cyberattacks. The wirelessly-connected input/output points—controlled by apps with Wi-Fi for data flows—are vulnerabilities for entry.

Tips for Mitigating Automated Manufacturing Risks

Here are three tips for minimizing automated manufacturing risks:

Hire the right professionals: Recently, an article from the World Economic Forum discussed how governments and companies are facing a shortage of cybersecurity professionals. This demand can be addressed by retraining people in cybersecurity so that they are capable of countering attacks. Without the right skilled professionals, even a robust cybersecurity system may fail.

Many professionals choose to hone their skills through specialized training, particularly online, as remote arrangements continue to become the norm. Online training also gives professionals the edge to conduct cybersecurity activities remotely, simulating real-world scenarios. Case in point, Maryville University’s online Master’s program in cybersecurity doesn’t just teach technical cybersecurity skills, they also provide a virtual training environment. Through the Maryville Virtual Lab, students can hone their skills in cybersecurity and digital forensics through a safe, virtual environment. Hiring professionals that have done this type of training, or even providing this type of education to an existing IT team, can help mitigate cybersecurity risks.

Assess risks in detail: Different attacks can disrupt production or inflict serious damage to machinery, so a detailed cyber-risk assessment should look at all the products that make up the industrial ecosystem. Cybersecurity consultant Hal Thomas notes that a risk assessment should consider potential threats and vulnerabilities to gauge the likelihood of a successful cyberattack.

Threats can originate from inside and outside a facility, from disgruntled employees or contractors to actions by foreign governments or terrorists. It is crucial to look at these pathways and set up the appropriate countermeasures.

Create a clear response strategy: It’s important to have a clear strategy that boosts cybersecurity systems. A response strategy should include cyberattack insurance, a compliance audit trail, and investments in vigilance training for staff. Setting up policies and procedures around cyber safety can create an internal culture that helps safeguard sensitive data.

Rebecca Jess
Rebecca Jess
Rebecca Jess has an interest in all things tech-related. She enjoys learning and writing about the latest developments and changes in a variety of fields. She loves going on hikes with her Labrador, Bailey.

Related Posts

Call for Volunteers: ICS4ICS Improves Management of ICS Cybersecurity

If you would like to participate in the ICS4ICS effort, please visit our website at: www.isa.org/ICS4ICS ...
Brian Peterson Sep 21, 2021 5:30:00 AM

The Problem with Platform Ascendency for Cyber-Physical Integrations

Integration is the buzzword of the year for technology in 2021. Application programming interfaces (APIs)...
Danielle Jablanski Sep 14, 2021 5:30:00 AM

New York Lawmakers Reference ISA/IEC 62443 in New Proposed Bill

New York state legislature is hoping to add additional protections to the state’s critical infrastructure...
Steven Aliano Sep 7, 2021 5:30:00 AM