To evaluate cybersecurity risks in smart manufacturing, start by identifying and mapping all your assets, such as Operational Technology (OT), Information Technology (IT), Industrial Control Systems (ICS), and Internet of Things (IoT) devices. Understand the threat landscape, including potential actors such as nation-states and insiders. Vulnerability assessments must be done to identify system weaknesses. In this interview with Sanskriti Ramachandran, Pankit Desai, Co-Founder & CEO, Sequretek delves into cybersecurity’s implications onto smart factories.

In the rapidly shifting cybersecurity landscape, the challenges are escalating in complexity, driven by the sophistication of AI technology and state actors. Manufacturing businesses of all sizes face a growing variety of threats. Cyberattacks are becoming more diverse, targeting IoT vulnerabilities and cloud workloads, and are not limited to ransomware alone. As regulatory obligations tighten and government oversight amplifies, companies must enhance their threat exposure management, adopting dynamic AI-powered incident responses to mitigate risks effectively.

Being a cybersecurity company, security and privacy are at the forefront. Right from utilising AI-powered solutions that provide comprehensive visibility and threat management through a single console, to continuously monitoring and ensuring that we are protected. Percept XDR & NG SIEM, our extended detection and response platform, allows us to have a holistic view of every device's activity, detecting anomalies early.

To evaluate cybersecurity risks in smart manufacturing, start by identifying and mapping all your assets, such as Operational Technology (OT), Information Technology (IT), Industrial Control Systems (ICS), and Internet of Things (IoT) devices. Understand the threat landscape, including potential actors such as nation-states and insiders. Vulnerability assessments must be done to identify system weaknesses. You must assess the impact and likelihood of various risks to prioritise them effectively. Despite the manufacturing sector's limited regulation, you must review your current security measures for effectiveness and ensure compliance with standards like NIST 2.0 Framework, ISO/IEC 27001 and IEC 62443. Be aware of supply chain risks and educate employees on the best cyber hygiene practices. Continuously monitor activities and engage actively in cyber risk management. It certainly helps to seek advice from cybersecurity experts for audits and guidance to strengthen your security posture.

Due to the multitude of technologies and multiple vendors that manufacturing organisations deal with, there’s a higher risk of supply chain and zero-day cyberattacks. You may be aware of the recent breach on a global Fortune 500, French Multinational company specialising in digital automation & energy management. The victim organisation confirmed that a developer platform was breached after a threat actor claimed to steal 40GB of data from the company's JIRA server. Towards the start of this year, the same organisation experienced a breach in a Cactus Ransomware Attack where terabytes of data were stolen by the attackers.  

In the IT world, patches are frequently rolled out, which helps address cybersecurity challenges (though a majority of the organisations face challenges in updating these critical security patches). The realm of Operational Technology (OT) complicates this challenge as many systems haven't been refreshed for decades because their legacy technologies don't require transformation. Traditionally, OT companies have maintained a close, mutually beneficial relationship with manufacturers, and the cost of making changes in OT can be very high. Now, however, IT and OT have converged, brewing a perfect storm waiting to happen. 

On the human side, there's a noticeable difference between IT and OT regarding age demographics. IT is largely driven by a younger, tech-savvy generation, whereas OT professionals are experts in their field but may not be as technologically inclined as those in IT. Many OT folks are resistant to changing how they operate and might even view IT professionals as persona non grata. This resistance complicates efforts to ensure cybersecurity within the OT landscape. 

Companies with OT come under critical infrastructure like utilities, chemicals, healthcare, etc. Any failure in OT systems can become a major issue, for example, power grid attacks in Ukraine, leading to loss of lives. In IT, the worst-case scenario is financial loss or data fidelity issues. So, how can cybersecurity companies help manufacturing firms? They can implement security controls and provide training to enhance security awareness. A company like us (Sequretek) conducts proactive threat hunting, streamlines incident response, and performs penetration tests and audits. Our expertise ensures regulatory compliance, reducing risks and improving infrastructure security.

Industries vulnerable to cyberattacks in smart manufacturing consist of energy, water, chemicals, healthcare, pharmaceuticals, automotive, aerospace and defence, and telecommunications, just to mention a few. They are singled out because of their crucial infrastructure responsibilities, valuable intellectual property, and intricate supply chains, making them appealing for espionage, sabotage, and disruption.

Several Indian manufacturing companies continue to neglect cybersecurity, often failing to fully understand the possible repercussions of cyberattacks. This confidence stems from a lack of government oversight and limited understanding of the serious consequences of attacks, such as disruptions to operations, substantial financial losses, and damage to reputation. As the speed of digital transformation increases, these businesses need to make cybersecurity a top priority to safeguard operations and maintain business continuity.

That being said, numerous Industry 4.0 companies are beginning to focus on security through gradual measures. However, there is still a considerable distance to cover before achieving the desired level of cybersecurity maturity. Until that time, the malicious individuals will have an advantage, causing numerous issues.

In smart manufacturing, incident detection and response currently hinge on network behaviour anomaly detection (NBAD), which uses machine learning to identify deviations from normal activity, signalling potential threats. 

While the network is monitored, the endpoints are not - given that each OT device is unique by design. These devices are extremely proprietary in their software configurations, code, etc. Therefore, unless there is a synergy between the OEM and the application, it is not possible to monitor and detect threats in the environment effectively.

The NBAD approach must be complemented by integrating monitoring tools that provide visibility across both IT and OT environments. A robust incident response plan is essential for swiftly mitigating threats through containment and recovery. Conducting root cause analysis after incidents helps prevent recurrences, while continuous threat exposure management involves defence-in-depth and defence-in-breadth strategies with the latest threat intelligence. Regular employee training keeps teams informed and prepared to handle evolving cyberthreats, ensuring security and minimising operational disruptions.

Failure to have strong incident detection and response in place can result in a serious breach as was in the case of an energy giant recently in the news. 

Adversaries utilise Gen AI technologies like ChatGPT to create malware on the fly, which OT companies are not equipped to handle. The future of cybersecurity in smart enterprises will be increasingly reliant on AI/Gen-AI and machine learning. These technologies will not only enhance the ability to detect and respond to threats more swiftly and accurately but also help predict and prevent potential attacks by analysing patterns in vast datasets. Sequretek’s AI powered products have numerous test scenarios and the capability to self-identify new and advanced attack patterns. Our technologies leverage Gen-AI specifically for key areas like Search & Drill Down, Autonomous Parsing, Analytical Models and Incident Response. Staying ahead means continuously evolving our solutions to provide more intelligent, adaptive security to combat the ever-evolving threat landscape.

Certainly, collaboration is the key! Each and every stakeholder, from users & OEMs to component suppliers and integrators, plays a critical role in creating a secure ecosystem. All these siloed OT systems must coexist with and complement each other, and IT systems must consolidate the technology landscape. 

It is crucial for people, processes, and technologies to come together to ensure a secure environment. Right from conducting regular cyber awareness training for IT and OT users to share threat feeds with CERT organisations/community, standardising security protocols and by fostering open communication channels, manufacturing companies can strengthen their defences. Ideally the collaboration needs to lead to innovative security solutions that can easily integrate across all facets of the smart manufacturing supply chain, ensuring resilient and holistic protection against cyberthreats.