Dharminder Debisarun, Smart Industries Cybersecurity Executive at Palo Alto Networks shares how manufacturers can embrace IoT whilst remaining cybersecure
The Industrial Internet Of Things (IIoT) is creating incredible new advancements and opportunities for manufacturers. But it’s also enhancing the sector’s well-documented vulnerability to cybercrime.
It’s no coincidence that the IBM 2024 X-Force Threat Intelligence Report has ranked manufacturing as the most-attacked industry for the third consecutive year. As the adoption of IIoT grows, with Statista estimating the market will expand by 12.68% to have a volume of US$525.20bn in 2028, the sector faces a difficult question: How can manufacturers balance technological advancement with cybersecurity?
How can manufacturers balance technological advancement and cybersecurity?
Providing answers to this question is Dharminder Debisarun, Smart Industries Cybersecurity Executive at Palo Alto Networks, a global cybersecurity enterprise. A member of ENISA’s (The European Union Agency for Network and Information Security) expert group for Industry 4.0, Dharminder is a technical expert on bridging the gap between IT and OT. He has extensive expertise in industrial IoT and manufacturing security, as it pertains to factory operations, connected cars, airports and airlines.
“As manufacturers navigate the increasingly interconnected landscape of IoT, it’s crucial to recognise and address the cybersecurity realities that accompany this technological evolution,” Dharminer says. “ Manufacturers are particularly at risk due to their low tolerance for any downtime and subsequent impact on production.”
IIoT, by increasing the interconnectedness and digitisation of manufacturing processes has widened the attack surface cybercriminals can exploit, creating increased vulnerability. In 2023, IIoT-focused attacks were so prevalent they could’ve been monthly calendar events. In the US alone we saw manufacturer Mueller Water Products, compressor Giant Ingersoll Rand and power transmission company Gates Industrial Corporation all being targeted, with significant financial and technological repercussions.
“Traditionally, manufacturing processes relied on isolated operational technology systems that were not connected to external networks,” Dharminder explains.“However, with the adoption of Industry 4.0 technologies, such as connected sensors and industrial control systems (ICS), cloud-based manufacturing platforms have become more interconnected with IT networks and the internet. This convergence creates new entry points for cybercriminals to exploit vulnerabilities and launch attacks on cybercriminals.”
Dharminder knows this firsthand. Before joining Palo Alto Networks to lead IT operations, he implemented four software-defined data centres. This gave him first-hand experience in the evolution of security automation and its movement beyond prevention and detection technologies. “Manufacturers can enhance cyber resiliency while implementing IoT by prioritising security throughout the entire IoT lifecycle. “ he says.
“It involves employing robust authentication and access control mechanisms to ensure only authorised devices can connect to the network, implementing zero trust for device security to protect data both in transit and at rest, and regularly updating firmware and software to patch vulnerabilities.”
Why manufacturers are struggling to enhance cybersecurity
Manufacturers are largely struggling to implement these proper cybersecurity frameworks due to a lack of alignment between IT (Information Technologies) and OT (Operational Technologies) teams. Given that 72% of OT attacks are IT-borne according to Dharminder, this disconnect constitutes a major problem.
“Coordinating the decision-making process requires more communication between IT and OT. IT brings expertise in the appropriate solutions to counter threats, while OT experts understand the specific limitations and constraints of OT assets. Both must have a seat at the table when it comes to creating integrated security policies and practices and making critical security purchase decisions.”
This could look like working together on tabletop exercises to gain a better understanding of potential security scenarios and how to solve them. To make this collaboration successful and long-lasting, cybersecurity must be understood as a holistic, collective responsibility, and a culture that places it at the forefront must be adopted.
Recent cyber attacks on major manufacturers- and their cost
- Mondelez International: US$100m
In one of the most infamous cyber attacks in recent years, Mondelez, the multinational food and beverage company fell prey to the encrypting malware NotPetya in 2017. Mondolez’s production facilities were impacted globally, with thousands of user credentials being stolen. The cyberattack permanently damaged 24,000 laptops and 1,700 servers.
- Johnson Controls: US$27m
In Autumn 2023, Johnson Controls, a global manufacturer of industrial control systems faced a devastating ransomware attack after the company’s Asia officers were breached. Over 27TB of data was exfiltrated, and the ransomware gang responsible called The Dark Angels, demanded an initial ransom of US$51m for its return.
- Brunswick Corporation: US$85m
In June 2023 Brunswick Corporation, a leading boating manufacturing firm, suffered a cyber attack that disrupted operations for 9 days and cost millions. The breach also compromised the personal data of employees and customers, which included payment card data and addresses.
How digital technologies can help manufacturers’ security posture
While digital technologies like IIoT are creating more opportunities for cybercrime, they also provide distinctive security-enhancing benefits. Dharminder recommends manufacturers embrace digitally agile strategies that focus on continuous monitoring and improvement.
“Another thing manufacturers can do is implement AI when looking to secure their IoT devices,” he explains. “AI can bolster any manufacturer’s cyber defence strategy by identifying and responding to threats in real-time. It can also undertake the enormous task of continuously monitoring the IT estate for vulnerabilities while adapting and improving security measures to plug any gaps in their security posture.”
He also recommends manufacturers segment their IoT networks to contain and impact the reach of threats. “Additionally, manufacturers should segment their IoT networks to contain potential breaches and limit the impact of cyberattacks. Continuous monitoring of IoT devices and networks, coupled with timely incident response measures, is essential for detecting and mitigating cyber threats effectively.”
As experts say, the biggest cybersecurity threat to any organisation, in any sector is inattentiveness and complacency. Dharminder agrees, saying: “ In an ideal world, manufacturers should continuously monitor and integrate threat intelligence tools that are crucial for real-time threat detection and response. However, this is not always the case, as cybersecurity can often be overlooked.”
This decision-making is critical, as manufacturers frequently- like many other industries- underestimate the importance of embedding cybersecurity. In fact, according to Dharminder, it’s one of their biggest mistakes.
Manufacturers biggest cybersecurity mistakes
“One of the biggest cybersecurity mistakes manufacturers often make is underestimating the importance of embedding cybersecurity in their operations,” Dharminder says. “ Additionally, relying on outdated or unsupported software and equipment without implementing regular patches and updates creates significant security gaps.”
Another common mistake is neglecting to secure third-party vendor relationships, exposing manufacturers to supply chain attacks. As the manufacturer’s ecosystem grows and they grow more dependent on digital partners, this is crucial. “comprehensive employee training programs are also essential to mitigate human error and help upkeep threat intelligence tools, while supply chain security measures and a zero-trust security model bolster defences against evolving threats.” Dharminder adds.
Another factor is manufacturers overlooking the necessity of employee training on cybersecurity best practices. Human error and social engineering are still the number one way organisations are breached, and insider threats and phishing scams are continually evolving to exploit new vulnerabilities.
Manufacturers also need a comprehensive incident report plan to detect, respond to and recover from cyber incidents, reducing how dramatic a breach’s impact is and their subsequent downtime. “ Implementing strategies for incident response and business continuity planning also ensures resilience in the face of cyber incidents,” Dharminder explains. “At the same time, collaboration and information-sharing initiatives help keep organisations informed about emerging threats and best practices.”
Manufacturers must also remember that cyber threats, by their very nature, are dynamic and continually evolving. No cybersecurity technology or approach, no matter how fortified and uncrackable it may seem, is completely immune to the intelligent, tech-savvy and money-hungry machinations of cyber criminals. Communication, awareness and education are key, as anyone can be an entrance point- from the wider workforce to manufacturing executives.
“Enterprises should encourage stakeholders and staff to adopt a culture of cybersecurity awareness and work with colleagues in the field and cybersecurity specialists to stay up to date on best practices and new threats,” Dharminder says. “Manufacturers may secure their operations, preserve sensitive data, and guarantee the resilience of their interconnected systems in the face of emerging cyber threats by adopting cybersecurity as a core element of their IoT strategy.” While IIoT brings new cybersecurity challenges, the benefits it’s had for manufacturers are certainly worth it- the sector just needs to adapt, and Dharminder finishes with a concluding message on how.
“Embracing IoT brings immense potential for innovation and efficiency, but it also introduces new vulnerabilities and risks. Therefore, my message to manufacturers is this: prioritise cybersecurity from the outset of IoT implementation and adopt a proactive approach by integrating robust security measures into IoT devices, networks, and processes. It starts by implementing a zero trust strategy, access controls, and regular software updates to mitigate potential threats.”