Emmanuel Routier, VP Smart Industries, Orange Business looks at security implications on the network.
The digital transformation sweeping through industries brings undeniable operational efficiencies and competitive advantages. However, some companies remain vulnerable to threats due to a lack of properly planned OT/IT integration and management.
Industrial sites need a more proactive approach to OT security, because ransomware attacks have surged in recent years, and cybercriminals continue to target intellectual property and proprietary data. In this article we explore how industrial organisations can make cybersecurity a part of their DNA by properly assessing OT risks, implementing cybersecurity best practices, and ensuring network reliability.
The evolving threat landscape
Recent data from our annual Security Navigator 2024 report highlights a surge in cyberattacks targeting industrial organisations, particularly in the manufacturing sector.
The report reveals a staggering 30% year-on-year increase in security incident. Criminals, driven by financial gain through ransomware and data theft, now represent the most significant threat, perpetrating 61% of recorded OT cyberattacks, dwarfing state, insider, hacktivist, third party contractors and unspecified hacker adversaries. All of the attacks from criminals were cyber extortion incidents and most involving ransomware.
The manufacturing industry is the most attacked sector, with cyberattacks accounting for more than half (58%) of all attacks, which is three times more than the second most attacked sector, banking and insurance. To put this into perspective, if cybercrime were a country, it would be the third-largest economy globally, following China and the US. Even more alarming, the sector has seen a worrying 42% increase in attacks year-on-year.
This evolving landscape underscores the need for all companies, especially those in industrial sectors, to prioritise their cybersecurity measures and take proactive steps to safeguard their operations against cyber threats.
The rise of the secure industrial LAN
Historically, industrial networks operated in isolation from the broader enterprise, with cybersecurity being largely overlooked. However, OT assets are now more interconnected with the external world than ever before, yet their cybersecurity remains alarmingly neglected. The fervour for digitisation is palpable and commendable, but it’s not adequately matched by an appropriate level of security.
With operational sites increasingly vulnerable to cyberattacks due to the rising integration of IT technologies into industrial systems, cybercriminals will discover points of entry. The question is no longer ‘if’ an attack will occur, but rather ‘when’.
A secure industrial network can significantly mitigate risks, ensure compliance, bolster competitive advantage, and yield efficiencies that come from interconnected environments. However, establishing such a network requires a comprehensive understanding of IT networking and the nuances of how they link into industrial network infrastructure and the measures to safeguard them. Many organisations find themselves lacking the requisite knowledge, tools, or skilled personnel at each site to accomplish this. Compounding these challenges, they often grapple with managing fragmented networks involving multiple vendors, which exacerbates interoperability issues and broadens the risk landscape.
Visibility and control: The key to security
A secure industrial LAN prioritises visibility into Industrial IoT and Industrial Control Systems (ICSs). This empowers IT and OT teams to accurately gauge their OT security posture and maintain security best practices which is crucial in preserving operational uptime and efficiency.
Industrial organisations can substantially reduce their risk exposure by appropriately harmonising their industrial network and security. Every industrial location boasts distinct features, so there is no universal solution for creating a secure industrial network. Nevertheless, the initial step for every site should involve a team of experts conducting a comprehensive security assessment. This process helps understand the network’s health and identifies any existing vulnerabilities. Following this, a secure industrial LAN that aligns with business requirements can be mapped out.
The ideal solution should empower a company with effective control and oversight of its industrial network. Opt for solutions that encompass network mapping and traffic monitoring, asset inventory, and the capacity to extract security data – such as real-time information on vulnerabilities, configuration errors, and potential security risks.
Embracing a unified, single-vendor approach to secure industrial LAN not only enhances overall security but also significantly curtails the total cost of ownership. This factor is of utmost importance for many manufacturers operating within extremely narrow profit margins. Moreover, as security is integrated into the network, there is no additional expenditure on hardware.
A look at the future
As manufacturers embrace digitisation, a well-managed and secure industrial network solution becomes essential to maintain the competitive edge. Without it, manufacturers are easily susceptible to evolving OT security threats.
To simplify the challenge and improve their security, manufacturers should seek out the right partners. Those that can unify industrial networking and cybersecurity, are the ideal solution for industrial organisations to automate and secure operations at scale.