Approximately 61%, of manufacturers have experienced cybersecurity incidents in their smart factories and are struggling to deploy the technology needed to effectively manage cyber risk, according to Trend Micro.
"Manufacturing organisations around the world are doubling down on digital transformation to drive smart factory improvements. The gap in IT and OT cybersecurity awareness creates the imbalance between people, process and technology, and it gives bad guys a chance to attack." said Akihiko Omikawa, executive vice president of IoT security for Trend Micro.
The prevalence of cyberattacks on smart factories was one of the major findings in an independent research conducted by Vanson Bourne on behalf of Trend Micro. The online survey involved 500 IT and OT professionals in the United States, Germany and Japan.
The research also showed that 75% of smart factories that had been targeted suffered system outages, with more than two-fifths (43%) of these outages lasting for more than four days.
Trend Micro commissioned independent research specialist Vanson Bourne to conduct an on-line survey with 500 IT and OT professionals in the United States, Germany and Japan and found that over three-fifths (61%) of manufacturers have experienced cyber incidents, with most (75%) of these suffering system outages as a result. More than two-fifths (43%) said outages lasted over four days.
"That's why Trend Micro has integrated IT and OT intelligence and provides a comprehensive solution from the shop floor to the office. We're helping put visibility and continuous control back in the hands of smart factory owners,” Omikawa said.
The results from all three countries showed that technology (78%) was seen as the biggest security challenge, although people (68%) and process (67%) were also cited as top challenges by many respondents. However, fewer than half of the participants said they're implementing technical measures to improve cybersecurity.
Other key findings include:
- Asset visualisation (40%) and segmentation (39%) were the least likely of cybersecurity measures to be deployed, hinting that they are the most technically challenging for organizations to execute. Organisations with a high degree of IT-OT collaboration were more likely to implement technical security measures than those with less cohesion. There was a particularly big gulf between organisations with high IT-OT collaboration verses those with little to no IT-OT collaboration in the use of firewalls (66% verses 47%), IPS (62% verses 46%) and network segmentation (54% verses 37%).
- Standards and guidelines were cited as the top driver for enhanced collaboration in the United States (64%), Germany (58%) and Japan (57%). The National Institute of Standards and Technology's (NIST) Cyber Security Framework and ISO27001 (ISMS) were among the most popular guidelines.
- The most common organisational change cited by manufacturers in all three countries was appointing a factory Chief Security Officer (CSO).
Trend Micro recommends a three-step technical approach to securing smart factories and keeping their operations running:
- Prevention by reducing intrusion risks at data exchange points like the network and DMZ. These risks could include USB storage devices, laptops brought into a factory by third parties, and IoT gateways.
- Detection by spotting anomalous network behaviour like Command & Control (C&C) communication and multiple log-in failures. The earlier the detection, the sooner attacks can be stopped with minimal impact on the organisation.
- Persistence is crucial to protect smart factories from any threat that has evaded prevention and detection stages. Trend Micro TXOne Network's industrial network and endpoint security solutions are purpose-built for OT environments. They work at a wide range of temperatures and are easy to use with minimal performance impact.