IoT is accelerating the cyber-attack surface
In the past, the only problems on the shop floor were equipment failures or the need to add another shift to keep up with demand. Manufacturing processes were mechanical, siloed and overseen by human workers with their hands on the controls. However, the Internet of Things (IoT) changed all of that more than a decade ago. The increased connectivity and acceleration of IoT have provided increased efficiencies and productivity, but they have also led to a significant surge in cyber attacks on operational technologies (OT). The U.S. Government Accountability Office (GAO) highlights that this has created vulnerabilities in critical infrastructure, leaving manufacturers exposed to escalating threats, environmental disruptions, insider risks and nation-state-sponsored cyber attacks. Additionally, many organizations still operate legacy platforms and security information and event management (SIEM) and lack mature data management and governance practices to manage the changing landscape. It’s clear a different approach is needed fast.
CISOs dissatisfied with organizational readiness
It’s not just what is happening on the shop floor that is driving the need for organizational change. Manufacturing hasn’t traditionally been a highly regulated industry, resulting in a lack of external drivers to compel organizations to comply with mandated cybersecurity controls. But incoming regulations globally, and closer to home, around data privacy protection, will affect connected manufacturing practices, from HVAC to automobiles and beyond. The EY 2024 Human Risk in Cybersecurity Survey reveals that as many as 34% of organizations are concerned that their own actions could lead to attacks, and 64% of chief information security officers (CISOs) are dissatisfied with non-IT staff adherence to the cyber practices that they have in place. In a tight and ultra-competitive cyber labor market, two things are now needed: critical upskilling of all employees and improved cyber detection and defense technology.
Adopt a resiliency perspective to safeguard revenue
While that approach may involve an updated SIEM, organizations also need a shift in how they perceive and budget for cybersecurity. This starts with leadership adopting a resiliency perspective, rather than a remediation one, and the CISO championing the transition. Boards too must move beyond simply asking about the status of the organizations’ cybersecurity plan and embrace the discipline as a critical, mainstream and enterprise-wide process. Moving cybersecurity out of the IT silo, where it is only a percentage of the overall technology budget, and elevating its status in the organization will give it the priority and appropriate implementation budget that the scale of cyber threats now demands. The entire organization must see cybersecurity’s pivotal role not just in process protection but in defending reputation and revenue generation.
Steps to build future-forward cybersecurity
What actions can and must be taken? Start with a full technology review. Many legacy technologies and traditional SIEM are at least five to eight years old, but in today’s cyber timeline, the lifespan of tech can be as little as three to five years. Conduct a system assessment to determine what needs to protected and what technologies and people processes must change to do this. Then, create an implementation plan and a timeline to review technology options. All of this must involve leadership buy-in and culture change, which can be driven internally by some organizations but often requires the counsel of a managed services provider with deep industry experience.
Transition to next-gen SIEM
As you consider technology upgrades, consider the benefits of upgrading to today’s next-gen SIEM. The right solution can provide one unified, AI-native and cloud-delivered platform capable of scaling. Look for critical components such as real-time dashboarding, searches and alerts. And ensure that the SIEM offers modern, AI-powered capabilities and seamless cloud computing. Features like automated, real-time threat detection, rapid response, and generative AI-driven recommendations across complex workflows can remove the blind spots in your organization, speed up processes, improve efficiency and deliver enterprise-wide protection for lower overall cost.
Last word: Upgrade cyber for accelerated attacks
The numbers don’t lie. The average organization now deals with 44 cyber events each year2. The scale, pace and volume of risk are increasing in manufacturing beyond the ability of legacy technology platforms to cope. In the past, cyber attacks primarily focused on finance and other sectors, but the Cybersecurity and Infrastructure Agency (CISA) reports that manufacturers have now become significant targets for state-sponsored attacks. For organizations that want to protect proprietary data, reputation and their foundational ability to create revenue and value, the time to act is now.
