The pandemic has forever changed business interactions, turning face-to-face encounters into remote, digital-centric communication. While much of the attention has been on offices, factories were no exception in adjusting to this new normal, as they put into place "Work From Home" (WFH), social distancing, and other safety practices.
Two changes that factories implemented as precautions against COVID-19 are now being pursued for different reasons: to achieve greater productivity and cost savings. Yet both may also increase network vulnerability to cyberattacks.
Those changes are:
Accelerated Shift to Automation
Labor-intensive factories are speeding up the transition to automated assembly lines. At first, this was to minimize the impact of employees being unable to go to work due to the pandemic. Today it is being done to reduce operational costs and improve quality. However, as automation requires more devices to be connected to the Internet, the risk of cyberattacks has increased immensely.
Scaled Up Information Security
Previously, all production equipment and personnel were located within the factory. However, during the pandemic, factories began to be operated remotely. When people work remotely, the cybersecurity measures within the factory need to be extended to cover any connected devices that employees use as these devices are particularly vulnerable to cyberattacks.
In response to increased risks, Jesse Ku, an industrial control system cybersecurity expert at Moxa who is also IEC 62443 certified, has proposed a five-point "S.M.A.R.T.” cybersecurity strategy:
Scan to Secure
Within the cybersecurity field, scanning is one of the most common methods to enhance security and is often the most effective protection. By regularly scanning the computers and control equipment in a factory with antivirus software for viruses, unplanned updates, and malware, the risk of attacks can be greatly reduced. With WFH now more common across the manufacturing sector, this first line of defense must be extended to connected devices employees use remotely to ensure total coverage.
Manage Security Architecture
It is essential that factory networks are stable and easily manageable. The defense-in-depth concept preferred by information security experts, which consists of multi-layered security control protocols, is often overlooked due to its complexity. However, as factories continue to invest heavily in automation, cybersecurity management becomes a necessity. This includes network segmentation involving setting up a firewall between the automation equipment and the management server.
Accelerate Patching
In the past, there were two main guiding principles for factory operation: ensure the safety of personnel and maintain stable production. Unfortunately, software updates provided by equipment manufacturers are often ignored if the production equipment remains functional. This dangerous oversight in security patching can have catastrophic results as the software remains vulnerable to breaches.
Remote Control Security
Working from home is the new normal, requiring the remote connecting of PCs, laptops, tablets, and phones to company servers. This presents significant cybersecurity concerns. Connection security and authentication mechanisms, such as multi-factor authorization (MFA) and user authentication, should be implemented to significantly reduce the threat of cyberattacks.
Teach Employees
The most secure network requires the participation of each individual who accesses it. By educating all employees on the significance of network security via appropriate training courses, the reasoning behind certain decisions will be better understood and increasing the likelihood that new security policies are followed. Furthermore, armed with a full understanding of the changes to come, employees can smoothly adapt to the new security framework and regulations.
The pandemic has changed not only our social norms but also the way factories operate. As factories become more automated and remote, applying the S.M.A.R.T. cybersecurity strategy can help reduce cyberattacks. With remote operations now the new norm, plant managers must be aware of all connected devices and how to strengthen network defenses.
