On top of the security issues plaguing OT systems, more than half (67 percent) of manufacturing experts say flawed organizational processes within manufacturing companies are making security more difficult. Few organizations have teams that collaborate across the IT segments – tasked with securing and managing hardware and software along with storing and transmitting data – and the OT segments – which oversee ICS devices, and manage physical processes tied to industrial equipment.
The majority of those surveyed by Trend Micro (88 percent) said that their companies’ IT and OT teams don’t collaborate across all phases when determining cybersecurity measures. The disparity between IT and OT can affect the security posture of manufacturing companies overall: In fact, firms with IT and OT teams that did work together had a higher level of security protections like firewalls and network segmentation.
“The results show that if both IT and OT teams participate in the selection of technical measures and the decision making process in factory cybersecurity, the implementation of technical measures will be easier,” the report says. “In particular, there are significant differences in measures such as firewalls, IPS, and network segmentation.”
For manufacturers, these technology-level and organizational-level challenges are leading to potentially devastating disruptions. Of the surveyed organizations that experienced cyber attacks, 75 percent suffered system outages, with 43 percent saying their outages lasted more than four days.
Depending on the industry that the affected manufacturing firm is in, and the materials it produces, such attacks could have high financial stakes and cause disruptions for other partners and customers across the supply chain. In February, a ransomware attack hit WestRock, the second-largest packaging company in the U.S., affecting its OT systems used to control industrial operations and causing its mill system production and packaging-converting operations to sputter to a stop. The attack caused a lag in production levels for some of the company’s facilities. For instance, the firm’s mill system production, through Feb. 4, was approximately 85,000 tons lower than planned.
These types of production halts can cost companies in terms of lost productivity, brand damage and more. In 2019, a ransomware attack on Norwegian aluminum maker Norsk Hydro forced the company to shut down or isolate several plants and send several more into manual mode – ultimately accumulating a loss of $35 to $41 million in the first quarter of 2019.
Claroty’s Preminger said that for manufacturing companies, “security in-depth is the best approach.”
“You need a layer of protections – starting from the external interface, to internal,” he said. “Antivirus, firewalls and segmentation are important to practice and have, but companies also need internal protection mechanisms for OT networks. This includes different ways to protect systems – you can’t just have one solution.”