The State of Cybersecurity in Manufacturing
New Vulnerabilities Require New Solutions
By Maria Ferrante, vice president of education and workforce development for PMMI, The Association for Packaging and Processing Technologies
The concept of cybersecurity is not a new one. Every connected device at an operation—from phones to computers to wearable smart devices—can potentially be exploited in a cyberattack. Manufacturers must be cognizant of the fact that their systems, physical infrastructure and employees are all under near-constant assault from outside forces seeking to gain illicit entry into the operation.
In many ways, the manufacturing industry is under a state of ongoing siege from cyberattacks, and it is the responsibility of industry players to establish robust cybersecurity protocols capable of detecting and mitigating those attacks, according to findings from the Cybersecurity: Assess Your Risk white paper from PMMI, The Association for Packaging and Processing Technologies.
Changing conditions in manufacturing
Manufacturing has seen a rapid adoption of new technologies over the past decade, with integrated production lines using smart sensors and actuators to collect data digitally. This drive toward flexible production and the insatiable desire for more data continues to gain momentum and has spread across processing and packaging operations, with most companies moving toward an Industrial Internet of Things (IIoT) model of manufacturing.
According to PMMI’s recent survey data, most companies have moved beyond just automated machine functionality and are integrating machine communications, adopting digital data exchange, and allowing some level of secure remote access. Specifically, 79% of companies have implemented smart technologies on their processing lines, 64% on their assembly lines, and 60% at the end-of-line packaging operations.
Industry 4.0 and IIoT technologies provide the opportunity for manufacturers to use the power of smart machines and real-time data analysis. That said, each wirelessly connected input/output (I/O) point creates new vulnerabilities of entry for cybercriminals. Every company must assess their network-connected operations to determine the potential threat of attack.
New vulnerabilities require new solutions
In addition to more automation, manufacturers have significantly expanded the scope of data collection and monitoring plans. Many plants now have an intricate network of sensors and components that are tasked with constantly monitoring and collecting data from all corners of the operation. These sensors represent a potential point of intrusion for a cyberattack.
Because individual components and sensors have limited processing capability, they lack any internal cybersecurity safety features of their own. As a result, these components and sensors connected to the network pose an immediate threat. One analysis found that it took an average of only five minutes for newly connected devices/sensors to be targeted with a cyberattack. This threat is also expanding rapidly as manufacturers increase the scope of data collection: it is estimated that there will be 58.1 billion IIoT connections in the industrial sector by 2024.
Given the highly connected environments manufacturers work in, and the pace of technological change they face, cyber risk is a top-of-mind industry issue and being prepared is essential. The first step a manufacturer can take to improve their cybersecurity preparedness is to gain a thorough understanding of their operation’s vulnerabilities, and how these vulnerabilities can be exploited by bad actors. By better understanding their weaknesses, manufacturers can then guard against future threats.
It’s also critical for manufacturers to invest in employee education around cybersecurity. Employees are the first line of defense, so ensuring they use strong passwords, can recognize email scams and understand how to avoid malware are important starting points for building solid cybersecurity measures.
About the Author
Maria Ferrante is the vice president of education and workforce development for PMMI, The Association for Packaging and Processing Technologies. Learn more about PMMI’s cybersecurity resources at www.pmmi.org/cyberhealth.