COVID-19 set to accelerate Industry 4.0

Opinions expressed in this article are those of the author.

Galina Antova, Co-founder and Chief Business Development Officer at Claroty. Image Provided
This article is by Galina Antova, 
Co-founder and Chief Business Development Officer at Claroty

No industry has immunity to COVID-19. The impact of the pandemic has shrivelled demand for some goods and services, boosted demand for others enormously, and forced every company to have its workforce operating as remotely as possible.

Fortunately, some of the more technologically advanced organisations within the manufacturing sector are well-placed to face the challenges incurred, and also gain from the opportunities created by the pandemic. These advanced organisations have also successfully managed to operate their facilities remotely, and quickly switch production facilities to produce goods in high demand, whether that be hand sanitisers, personal protection equipment, or ventilators.

Organisations displaying this kind of agility are paving the way for Industry 4.0 – the next generation of manufacturing technology. Many of Industry 4.0’s attributes, as defined by the Australian Government, are precisely what manufacturers need to minimise the disruption caused by COVID-19 and rise to its challenges.

Industry 4.0 promises:

  • advanced automation and robotics;
  • machine-to-machine and human-to-machine communication;
  • better connectivity between customers and supply chains through real-time access to production information, logistics and monitoring;
  • greater flexibility for businesses to produce differentiated products and services to tap unmet consumer demands, compete in global markets and capture emerging opportunities.

The challenge of OT/IT integration

However, to realise the benefits of Industry 4.0, manufacturers must achieve something they have struggled with for two decades: effective and secure integration between operational technology (OT) and information technology (IT).

Tight OT/IT integration enables better business planning and management. It also enables production systems to be more responsive to business priorities and customer requirements, and to be more effectively managed, including remotely.

Unfortunately, the integration of OT/IT systems brings new security challenges that require new tools and techniques to manage them. If the benefits of OT/IT integration are to be realised safely, these challenges must be comprehensively addressed. Some of the top challenges include:

  • OT networks incorporate large amounts of legacy equipment that use many proprietary protocols. This equipment is often incompatible with enterprise IT environments. Furthermore, security tools used in enterprise IT environments cannot access OT networks, and are therefore not appropriate for use. OT networks require OT-specific security technology, which many organisations have little experience with.
  • Many OT networks have limited bandwidth. Attempts to gain visibility without proper tools and scanning techniques can disrupt their operation.
  • As OT often controls and monitors real-time processes, the consequences of any disruption could be potentially catastrophic.
  • In the past, OT networks achieved a degree of ‘security-by-isolation’ – but now, their increasing integration with IT networks is exposing OT networks to a global community of cyber-criminals and hackers.
  • Many tools for gathering information on OT assets are able to identify only basic attributes such as IP address and vendor, not the more granular data such as exact model and firmware version, which is essential for risk calculation and mitigation.

Delivering robust security for OT & IT

A comprehensive approach that addresses all the potential weaknesses in the security of integrated IT/OT networks is required to overcome these challenges and ensure robust security.

One of the most important considerations is segmenting the network. There have been numerous examples of how devices that were unnecessarily connected into corporate networks have been used as attack vectors. In one instance, a casino was hacked through the smart thermometer in its lobby aquarium.

An increase in the number of devices connected to a manufacturing plant’s network increases the attack surface for cyber criminals and opens up the threat of bad actors gaining online access to operational processes. In today’s connected infrastructure, bad actors can originate from anywhere.

The principle that you cannot protect what you cannot see is also true of OT networks. Security tools require deep visibility into networks in order to identify connected devices and network processes.

To improve network security, manufacturers should begin by comprehensively mapping their networks and devices to identify any sensitive or vulnerable areas. They must develop a complete inventory of endpoints and map the communication paths between them. Luckily, purpose-built OT security technologies have recently emerged, enabling security and operational staff to clearly locate all the assets on their network.

Security tools also need to maintain an up-to-date list of all known threats seen in the wild so they can detect these in any monitored networks.

In securing the OT network, the same principle applies: to define what is normal, manufacturers must monitor all assets on the network, map communication patterns and understand the purpose of that communication. The best OT security technologies establish a baseline of normal behaviour by monitoring activity over an extended period of time and establishing patterns of behaviour.

Factoring in the world’s increasingly remote workforce, which has been solidified by COVID-19, these security tools must also support comprehensive and secure remote access. They must provide the ability track and audit all remote accesses and provide robust protection against any unauthorised access.

Security tools that meet all of these requirements are now readily available, enabling any organisation to progress down the path of Industry 4.0 and successfully cope with the constraints imposed by COVID-19.

The pandemic will pass, and when it does, those organisations that have securely integrated OT and IT networks will be well placed to continue their journey towards Industry 4.0 and gain advantage from its features.

This article is by Galina Antova, 
Co-founder and Chief Business Development Officer at Claroty