Enhancing Cybersecurity Practices in Manufacturing

PB 25 Rockwell newlogo 400

August 5, 2022

Manufacturing organizations know that unplanned downtime is costly. What may be less clear is the impact that cyberattacks, like ransomware, have on downtime.

Simply put: successful attacks on manufacturing mean downtime – not measured in hours or days, but often weeks or longer.

ThirdPartyTrust reports that cybercriminals are drawn to the most vulnerable and profitable sectors, which is probably why manufacturing received nearly one fifth of all attacks on businesses and organizations in 2020.

The average cost of a ransomware attack in the manufacturing sector is US$1.52 million, according to Sophos research. This is not just the cost of downtime and ransoms paid; it also includes the cost of lost opportunities, and no doubt the immeasurable loss of trust from customers and other stakeholders.

Besides going after system disruption to help drive ransom payments, cybercriminals also try to gain access to high-value data like IP; extort third parties by threatening to expose their data; and threaten to harm plants, assets and workers.

Critical Manufacturing Supports Critical Infrastructure

The Critical Manufacturing Sector is crucial to economic prosperity and continuity, notes the US Cybersecurity & Infrastructure Security Agency (CISA). The industries that comprise this sector – metals, machinery, electrical equipment, appliance and component, and transportation equipment – require manufacturing industry cybersecurity to be strengthened, as a direct attack or disruption could disturb essential functions, economic interests and daily life.

Critical Manufacturing and Pandemic-related risks

CISA identified several operational vulnerabilities in industrial control systems (ICS) related to going remote during the COVID-19 pandemic. Remote authentication, for example, is more of a challenge than when employees are physically present in a traditional workplace environment. Reduced network segmentation and expanded cyberattack surfaces from remote locations and devices create additional vulnerabilities.

Effective management of remote processes, including security, identity validation, and ongoing monitoring, must be in place to prevent simple to catastrophic downtime from cyberattacks. Sensible and straightforward, right? However CISA also concludes that managing cybersecurity risks in an ICS environment requires skills that are difficult to find and maintain, especially when organizations are facing pandemic-driven changes. Support is needed.

Cybersecurity Solutions for Manufacturing

As a company highly experienced in both industrial automation and industrial cybersecurity, Rockwell Automation can meet these challenges head on and quickly.

Rockwell Automation aligns with the NIST cybersecurity framework: Identify, Protect, Detect, Respond, and Recover. This approach provides a reliable, end-to-end, standards-based approach for industrial organizations to increase cybersecurity protection.

Some of the largest manufacturers in the world have successfully deployed our advanced cybersecurity controls.

For example, a Latin American chemical manufacturer needed secure remote access to their IT/OT network for employees, while reducing the risk of cybersecurity incidents. Our Secure Remote Access solution was deployed, with remote configuration services for 2,000 intelligent drives. The solution was fully integrated into the organization’s process control system that handles 8,000 I/O points, reducing cybersecurity risks to the corporate and OT networks.

In another example, we helped mitigate cyber risks and eliminated 100% of associated CapEx costs by delivering patch management and antivirus managed services for a North American food company. The Rockwell Automation OT Managed Services program cut troubleshooting time and enabled secure information convergence across the enterprise, all while lowering the client’s risk profile.

At another North American food company, we created an enterprise cybersecurity dashboard to view and manage risks, anomalies, and security events so the company could gain overall visibility into cybersecurity risks.

Rockwell Automation is unmatched in orchestrating complex cybersecurity solutions across multiple sites and regions for all types of manufacturing and industrial organizations, bringing our decades of experience in factories and plants to every client.

Network Visibility: You Can’t Protect What You Can’t See

While the sophistication of attacks grows, most attacks are preventable with today’s known cybersecurity methods and tools, since attackers often look for and strike the easiest security gaps first. But many manufacturers don’t have clear visibility into the assets on their industrial network, making it harder to secure, while complicating threat detection and risk mitigation.

What’s more, with IoT devices proliferating and manufacturing companies undertaking digital transformation initiatives, network visibility becomes even more important.

Learn how Rockwell Automation improves network asset visibility, so you can spot threats heading your way before they impact operations. Watch the webinar replay on The Role of Visibility in Cybersecurity.




Related Articles

Network Infrastructure Featured Product Spotlight

PBUS 14 Panduit logo 400

This webinar presented by Beth Lessard and Keith Cordero will be highlighting three Panduit solutions that will optimize network equipment and cabling to ensure that your spaces are efficiently and properly managed to support ever-evolving business needs of today and beyond. Products that will be featured include PanZone TrueEdge Wall Mount Enclsoure, Cable Managers, and Adjustable Depth 4-Post Rack.


Editor’s Pick: Featured Product News

Siemens: SIMOVAC Non-Arc-Resistant and SIMOVAC-AR Arc-Resistant Motor Controllers

The Siemens SIMOVAC medium-voltage non-arc-resistant and SIMOVAC-AR arc-resistant controllers have a modular design incorporating up to two 12SVC400 (400 A) controllers, housed in a freestanding sheet steel enclosure. Each controller is UL 347 class E2, equipped with three current-limiting fuses, a non-load-break isolating switch, and a fixed-mounted vacuum contactor (plug-in type optional for 12SVC400). The enclosure is designed for front access, allowing the equipment to be located with the rear of the equipment close to a non-combustible wall.

Read More

Sponsored Content
Electrify Your Enterprise

Power is vital to production, and well-designed control cabinets are key. Allied Electronics & Automation offers a comprehensive collection of control cabinet solutions including PLCs, HMIs, contactors, miniature circuit breakers, terminal block connectors, DIN-rail power supplies, pushbutton switches, motor starters, overloads, power relays, industrial Ethernet switches and AC drives engineered to keep your operations running safely, reliably and efficiently.

Learn more HERE.

Products for Panel Builders

  • Amphenol TPC Wire & Cable: New Super-Trex SJOO Portable Cord

    Amphenol TPC Wire & Cable: New Super-Trex SJOO Portable Cord

    Amphenol TPC Wire & Cable proudly announces a new line of portable cable – Super-Trex SJOO Portable Cord. This innovative product is designed to meet the demands of harsh industrial environments and offers exceptional flexibility, durability, and protection. It is ideal for manufacturing and industrial settings in various applications, including powering light machinery, assembly line systems, portable… Read More…

  • Pfannenberg USA: New X-Series Cooling Units

    Pfannenberg USA: New X-Series Cooling Units

    Pfannenberg, Inc. has recently announced its new X-Series cooling units. The innovative X-Series marks a focus in energy efficiency and operational effectiveness for industrial cooling applications. Designed to meet the demanding needs of modern industries, the X-Series units feature an optimized control algorithm using inverter technology, developed from years of expertise. This allows for the… Read More…