Manufacturing cyber security: How to enhance threat visibility across IT and OT environments

Author: Satta Sarmah Hightower

Discussions about cyber security often focus on the unique threats software and cloud-based solutions face, whether it be ransomware, phishing or man-in-the-middle attacks where hackers intercept communications between two parties to steal sensitive information.

But these threats are just as much of a risk in operational technology (OT) environments as they are in information technology (IT) environments. With the convergence of OT and IT in manufacturing, the industry now faces even greater security risks. To strengthen manufacturing cyber security and prevent manufacturing data breaches, companies must establish full visibility into threats across their OT and IT environments and develop a unified threat detection and response strategy that better protects the enterprise.

Challenges with network visibility in industrial environments

Operational technologies include a wide range of industrial systems used in manufacturing, including programmable logic controllers, human-machine interfaces, computer numerical control systems, building management and building automation systems, and supervisory control and data acquisition systems. Each of these technologies encompasses a combination of hardware and software that is responsible for monitoring, controlling and operating industrial equipment.

Protecting OT is crucial because any disruption to these environments could have a wide-ranging impact on people's everyday lives. For example, a hack of an automation system could compromise production and affect supply chains.

OT environments have traditionally been separate from IT environments, but these environments are now more interconnected because companies need to increase their agility and deliver services more quickly and efficiently.

However, convergence also has increased the attack surface for organizations. Operational technologies are prime targets for hackers because these technologies support mission- and business-critical tasks. Operational technologies also may include legacy technologies that lack modern threat detection and response capabilities and may not be subject to the same data governance requirements as IT solutions, since they've traditionally operated outside of IT environments.

All of these factors make it more difficult for companies to establish full network visibility into their broader technology ecosystem and gain a comprehensive understanding of the most pressing threats to their organizations. However, they can take several steps to address these challenges, reduce the risks of manufacturing data breaches, and enhance manufacturing cyber security across OT and IT environments.

Improving manufacturing cyber security: A pathway for better threat detection

To secure your technology infrastructure and improve manufacturing cyber security, your organization must first examine its OT and IT connections and determine whether it is actually necessary to connect a particular operational technology to your network. This assessment could help to reduce your organization's exposure and protect critical systems.

Companies also must have a strategy, and the accompanying technology and services, in place to monitor OT-IT connections. A robust threat intelligence platform and managed threat detection and response services can provide the end-to-end visibility and real-time monitoring your organization needs to effectively respond to and mitigate threats.

Minimize your risk of manufacturing data breaches

The Cybersecurity and Infrastructure Security Agency (CISA) also offers recommended guidance for protecting industrial control systems, which includes:

  • Check, prioritize, test and implement industrial control systems (ICS) security patches. This means making sure your systems are upgraded with the latest security features.
  • Back up mission-critical systems, so your organization can easily restore data in the event of a breach.
  • Disable unnecessary ports, protocols or services and remove them from the network.
  • Create and test a comprehensive incident response plan.
  • Use a range of security tools and approaches, including anti-virus software, whitelisting approved users, applications and systems, and employing a defense-in-depth strategy in which your organization leverages multiple security controls for enhanced protection.
  • Practice good data governance. Maintain an up-to-date inventory of all your OT and IT assets, the data they collect and any interconnectivity between them.
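
As an added example (not part of the original article or of CISA's guidance), the inventory and connection-review recommendations above can be checked against observed traffic. The Python code below compares flow records with an asset inventory and a list of documented OT-IT connections; every address, asset name, zone, approved connection and the "src,dst,dport" record format is constructed for illustration.

```python
import csv
from io import StringIO

# Constructed inventory: address -> (asset name, zone). Values are illustrative.
INVENTORY = {
    "10.10.1.5": ("plc-line1", "OT"),
    "10.10.1.9": ("hmi-line1", "OT"),
    "10.10.2.20": ("historian", "OT"),
    "192.168.5.30": ("erp-app", "IT"),
    "192.168.5.44": ("eng-laptop", "IT"),
}

# Constructed list of documented OT-IT connections: (source, destination, port).
APPROVED = {
    ("192.168.5.30", "10.10.2.20", 443),  # ERP reads production data
    ("192.168.5.44", "10.10.1.9", 5900),  # remote view of the HMI
}

# Constructed flow records in an assumed "src,dst,dport" export format.
FLOWS = """\
192.168.5.30,10.10.2.20,443
10.10.1.9,10.10.1.5,502
192.168.5.44,10.10.1.5,502
10.10.1.5,203.0.113.7,123
"""


def audit(flows_text, inventory=INVENTORY, approved=APPROVED):
    """Return sorted (finding, src, dst, port) tuples that need review."""
    findings, seen = set(), set()
    for row in csv.reader(StringIO(flows_text)):
        if len(row) != 3:
            continue  # skip blank or malformed records
        src, dst, port = row[0].strip(), row[1].strip(), int(row[2])
        zones = {inventory[ip][1] if ip in inventory else None for ip in (src, dst)}
        if None in zones:
            # An endpoint is not in the inventory: record it or investigate it.
            findings.add(("unknown-asset", src, dst, port))
        elif zones == {"OT", "IT"}:
            seen.add((src, dst, port))
            if (src, dst, port) not in approved:
                findings.add(("undocumented-ot-it", src, dst, port))
    # Documented connections never seen in traffic may no longer be necessary.
    for src, dst, port in approved - seen:
        findings.add(("approved-but-unused", src, dst, port))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(FLOWS):
        print(finding)
```

Traffic that stays inside the OT zone is not flagged; the audit reports only cross-zone flows, endpoints missing from the inventory, and documented connections that no longer carry traffic.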

These are just some of the approaches that can protect your technology infrastructure and minimize your risk of manufacturing data breaches. As OT and IT continue to converge, your organization will need to develop a unified detection and response strategy and a holistic manufacturing cyber security program that closes existing security gaps, provides greater network visibility and ensures you're as prepared as possible to confront today's ever-changing and ever-increasing threats.

Explore how Verizon's network detection and response services can help you establish a manufacturing cyber security strategy to help prevent manufacturing data breaches across your OT and IT solutions.