The rise of cybersecurity in smart factories and the importance of ‘zero trust’

According to Deloitte, smart factories lead to improved productivity and performance in manufacturing, with productivity increasing by up to 12%. There are also wider benefits, such as the creation of a hyperconnected supply chain and the creation of a digital supply network. However, smart factories also increase the risk of a cybersecurity threat. 51% of industrial organisations believe that the number of cyberattacks on smart factories is going to increase in the next 12 months. So, we have looked at the problems and solutions associated with cybersecurity in smart factories. 

What is a manufacturing smart factory?

Using digital enterprise, a smart factory optimises operational performance in many ways. It’s a physical and virtual space, both of which utilise Industry 4.0 technologies to improve the day to day running of things. With a smart factory, access to systems is simple and straightforward. Plus, the movement of data inside and outside of the organisation is streamlined. This improves productivity and safety, and the smart factory then becomes a key part of the larger digital supply chain. 

Many companies are developing digital supply chains, using XaaS (anything-as-a-service) business ideals. The aim is to provide revenue for a manufacturer that’s usage and annuity based, and to provide reduced costs for the consumer. This, combined with smart factories, allows for real-time product monitoring, product usage, and updates, as well as data driven organisations. This is referred to as hyper-connectivity, and it creates a digital footprint through the key parts of the business to provide a real-time view of the product life cycle.

The downsides of hyperconnectivity in manufacturing

To truly harness the business benefits of smart factory developments, manufacturers need to better understand the cyber risks involved. A lot of organisations are moving towards hyperconnectivity, but many don’t fully understand the risks that come with doing so. Considering that manufacturing replaced financial services as the top cyberattacked industry in 2021, it’s vital that hyperconnectivity is understood by manufacturers.

The Deloitte study shows that 40% of manufacturers said that their operations were affected by a cybersecurity incident in the past 12 months. This is because hyperconnectivity increases the chances of a cyber incident impacting all aspects of an organisation; rather than being an isolated attack, hyperconnectivity makes it a lot easier for a larger area or blast radius, to be impacted. 

Could a ‘zero trust’ security model be the answer?

A wider blast radius means that a cyber incident at the manufacturer is not an isolated event. Compromising one area could impact the entire organisation, and consequently all its business partners. To reduce the negative impacts of hyperconnectivity, the blast radius of a cybersecurity attack needs to be controlled. This can be done with the prevention, detection, and effectively responding to threats. Recovery capabilities are also key, as this limits the disruptions caused to operations should a threat occur. To achieve this, smart factories and digital supply networks need to approach security from a digital point of view, rather than looking at things from a traditional ‘business disabling’ viewpoint. This is where a ‘zero trust’ security model comes in.

Zero Trust is a security framework requiring all users, whether in or outside the organisation’s network, to be authenticated, authorised, and continuously validated for security configuration and posture before being granted or keeping access to applications and data. Zero Trust assumes that there is no traditional network edge; networks can be local, in the cloud, or a combination or hybrid with resources anywhere as well as workers in any location.

It is based on the ‘never trust, always verify’ school of thought, which sees organisations moving away from strict parameters towards a level of trust that’s built between resources and customers over time. A zero trust approach can be scaled alongside business growth, which minimises the complexities of changing cybersecurity and management. With cybersecurity, there are fewer boundaries, but a ‘zero trust’ security model is agile and scalable. Data can move freely from one part of the digital supply chain to another. 

What can businesses do now?

There is no denying the growing reliance on smart factories, but businesses need to manage the risk from conception. This means integrating security into the digital supply chain, and ensuring risks are managed throughout the network. Currently, figures show that 51% of facilities build cybersecurity practices into their smart factories by default. There is a range of supply chain vulnerabilities in the digital world but understanding these and putting solutions into place can minimise them.

Moving towards a ‘Zero Trust’ model can start with three simple steps. Visualising, Mitigating and Optimising operations. The first step includes, simply understanding all the resources, and their access points, and visualising risks involved. Then, practice detecting and stopping threats or mitigating the impact of the breach in case a threat cannot be immediately stopped. Finally, working on extending protection to every aspect of the IT infrastructure and all resources regardless of location while optimising the user experience for end-users, IT, and security teams.

Redline Group - the UK’s most trusted Engineering, Electronics, and High Technology recruitment specialist for professional Contract, Permanent and Executive positions.

With four decades of experience in knowledge-led recruitment, the Redline Group is perfectly positioned to offer advice about future-proofing your permanent, contract and interim needs in the electronics and technology sector. For more information contact 01582 450054 or email info@redlinegroup.com.