Cyberattacks on manufacturing can have devastating consequences—the time to safeguard your operational technology is now.
When hackers infiltrate a casino through an IoT fish tank thermostat, it is sobering — but it is admittedly easy to chuckle at or at least admire the ingenuity of the hack.
Replace “casino” with “airplane manufacturer” or “pharmaceutical production facility” or “nuclear power plant,” though, and no one will be laughing.
The manufacturing risk landscape is becoming more complex by the minute.
Manufacturing is more vulnerable than ever to cyberattacks. In fact, it recently gained the dubious distinction of being the most targeted sector, according to IBM Security. The consequences of a cyberattack can be dire, and not just economically.
Stopped production on a factory floor can cost $300,000 per hour, and even more for large manufacturers, according to research by ITIC. Ransomware attacks can take factories down for a week or more. In plenty of cases, cyberattacks on manufacturing entities can cause environmental disaster or loss of life.
More complexity, more problems
Why is manufacturing especially at risk? As factory floor assets become increasingly smarter and more connected, new vulnerabilities and attack vectors are introduced into the manufacturing organisation.
A 2022 study by ThoughtLab and ServiceNow found that manufacturers rank last out of all industries surveyed when it comes to cybersecurity preparedness (as defined by the NIST framework). The survey revealed that 24% of manufacturers are not well prepared for the rapidly changing threat landscape.
Prioritising the protection of linked IT and OT (operational technology) assets has been identified as a top 10 best practice for cybersecurity, according to Gartner. Yet only 34% of manufacturers currently plan to make large investments in IT and OT asset protection.
While CISOs have the most direct responsibility for managing vulnerabilities, the enormous potential cost of downtime means cybersecurity is everyone’s concern
One significant issue is simply that C-level leaders aren’t uniformly aware of the risks posed by OT vulnerabilities. While CISOs have the most direct responsibility for managing those vulnerabilities, the enormous potential cost of downtime means cybersecurity is everyone’s concern. It is a strategic business imperative that requires all of the C-suite to work together to mitigate risks.
Cover your assets!
So, how can manufacturers guard against the disruption and harm of cyberattacks? We recommend a three-phase approach.
- Gain visibility and inventory your assets: You can’t manage what you can’t see. It’s critical to get a complete, contextual view of your OT systems. If an asset has an IP address, it must be accounted for.
- Gauge vulnerability: At the asset, production line, or site level, gauge vulnerability to assess your main vulnerabilities. To be truly useful, you need to not only generate risk scores at the asset level, but also assess how these vulnerabilities aggregate at higher levels of your organisation—from individual components to production lines to the entire factory site.
- Strategically remediate: Once you can assess vulnerability at every level of your organisation, you should remediate any potential weak spots with appropriate service management to ensure all vulnerabilities are resolved, avoiding costly downtime.
The ThoughtLab research found that in contrast to its lack of cyberattack readiness, the manufacturing sector is well ahead of the curve on automation. This suggests manufacturing sector entities are prepared for rapid adoption of OT service management tools, which can readily identify vulnerabilities, assist in safe shutdown in the event of a cyberattack, and provide a roadmap for making the appropriate repairs and returning to production as soon as possible.
Unlike IT, OT is still in its infancy, but it’s developing rapidly—as it must, given the risks to both human safety and company revenue. OT service management tools can help you harden your manufacturing facilities against cyberattacks by creating digital workflows for assessing and contextualising your entire asset ecosystem.
What lives at that IP address? Who owns it? What is its function, and what are its specific vulnerabilities? With that inventory in place, you can fully understand your asset landscape, audit routinely, and move quickly if all or part of a manufacturing facility is compromised.
The landscape of cyberthreats is always in flux, but the fundamentals of defending your enterprise are constant. These measures can save manufacturers from costly interruptions—or worse.
About the authors
Robert Rash is the manager of manufacturing systems architecture responsible for global manufacturing and OT go to market engagements. In this role, Robert provides OT specific solution consulting and OT security and visibility strategies to deliver the OTM solutions, enabling the IT/OT convergence to improve manufacturing resiliency and reduce the threat landscape. Robert has more than 20 years of OT and manufacturing experience. Before joining ServiceNow in 2022, Robert provided process improvement and OT security solutions to the manufacturing and utility industries.
Karan Shrivastava is director of product management and is responsible for bringing ServiceNow’s manufacturing products to market. Karan has a vast experience in product management and manufacturing. He has spent last 10 years working in heavy industries before joining ServiceNow. Karan is the leading expert in operational technology management at ServiceNow.
Read more of our Digital Transformation articles here