Placing risk management and threat scenario planning at the intersection of smart manufacturing and cybersecurity can fortify organizations.
● The arrival of smart manufacturing, driven by AI and advanced technologies, necessitates a paradigm shift in how manufacturers approach cybersecurity.
● Manufacturing systems and facilities are interconnected, making them vulnerable to cyberattacks that can exploit systems at scale.
● Manufacturers can safeguard against cybersecurity threats by leveraging threat scenarios and adopting vigilant but practical risk management practices.
Manufacturers are increasingly leveraging AI-driven or smart manufacturing technologies to enhance their production processes and improve their bottom line. As businesses chart their course for the next five years, data analytics, increased automation, and the adoption of smart manufacturing and cloud technologies are driving forces for growth. Predictive maintenance, quality control, inventory management, supply chain optimization, and autonomous robots are revolutionizing manufacturing by boosting efficiency, quality, and safety. According to the Rockwell State of Smart Manufacturing Survey, most organizations recognize the importance of smart manufacturing, with 45% planning to adopt it within the next year and an additional 39% within 1-2 years. Over 50% more manufacturers are using machine learning and AI technologies than just a year ago, so the transformation is accelerating quickly. In fact, the Manufacturing Leadership Council’s 2023 Transformative Technology survey reveals that 63% of respondents expect Manufacturing 4.0 technology adoption to accelerate in the next two years.
All these transformative technologies share a common requirement: the need for a fortified cybersecurity strategy. Manufacturers must recognize cybersecurity as an integral component of their digital transformation journey. It is not just an afterthought, but rather the first and last question on the journey toward realizing smart manufacturing’s full potential. Establishing a robust cybersecurity strategy involves setting up the right governance structure, integrating technology with people, and focusing on progress over perfection.
The Complexity of Manufacturing Systems
Manufacturing systems are intricately interconnected, making them susceptible to cascading impacts in the event of a cyberattack. As technology evolves, manufacturers are moving from heterogeneous to homogeneous infrastructures, transitioning from purpose-built control system environments with different integrators, OEMs, and profiles to common operating systems, network protocols, and software stacks.
An attack on one system can reverberate through an entire plant, resulting in substantial revenue losses. The similarities between environments also provide an unintended advantage for adversaries – the learning curve is easier, and groups can develop impactful malware at scale.
The consequences of cyberattacks on manufacturing operations can be far-reaching and detrimental, affecting operations, productivity, and safety. Depending on the malware's capabilities and the attacker's intentions, attacks can disrupt manufacturing operations by affecting any of the three main systems of a plant:
- Manufacturing Execution Systems (MES): MES platforms play a pivotal role in data interchange between business and operations, making them prime targets for cyberattacks.
- Plant Floor Assets: Assets like Human Machine Interfaces (HMIs) and controllers are indispensable for controlling equipment and processes. Disruption of these systems can bring manufacturing production to a standstill.
- Enterprise Resource Planning (ERP): ERP systems, which centralize plant data, downtimes, and production constraints, are crucial to the manufacturing industry’s corporate side.
These interdependencies underscore the importance of threat scenarios as essential components of cybersecurity planning for operational technology environments.
Threat scenarios simplify the process of risk assessment by identifying and prioritizing vulnerabilities that hold the utmost relevance in your specific environment, thus aiding in the allocation of resources. Simulated threat scenarios serve as litmus tests for assessing your level of preparedness, enabling manufacturers to pinpoint security control gaps effectively. By using realistic scenarios, you can strategically engineer your architectures to defend against the most probable Tactics, Techniques, and Procedures (TTPs).
Threat scenario analysis concentrates the deployment of security controls on those areas with the highest risks, fostering proactive defense measures. These scenarios enhance incident response planning, facilitating the development of effective strategies, role definitions, and containment and recovery procedures. Well-understood threat scenarios unite different teams across your enterprise, and you can rally around them to promote a continuous improvement culture through regular employee training.
Step-by-Step Guidance for Using Threat Scenarios to Improve Your Cybersecurity Program
Step 1: Choose Threat Scenarios: Select three to four threat scenarios that resonate most with your sub-sector and environment. These will be the focal points of your cybersecurity strategy.
Dragos recommends starting with these four common scenarios for manufacturing environments:
- Ransomware: Ransomware attacks are a significant concern, with their initial access stemming from various sources such as remote connections or the exploitation of information technology/operational technology (IT/OT) dependencies. These attacks involve exfiltrating information, encrypting files, and locking compromised computing systems, demanding ransom payments for their release.
- Trusted Vendor Compromise: Trusted vendors may unwittingly become conduits for cyberattacks when their software becomes compromised before distribution. These attacks can disrupt the supply chain.
- Shared IT/OT Dependencies: OT systems’ reliance on IT systems or insecure remote access into OT environments can result in IT compromises affecting OT, potentially causing disruptions.
- PIPEDREAM: PIPEDREAM is highly scalable malware that targets industrial control systems. While it was detected and analyzed in 2022, it remains a potential threat, underlining the need for preparedness.
Step 2: Identify Crown Jewels: Identify the critical assets within your environment — typically constituting about 25% of your infrastructure — and prioritize their protection.
Step 3: Align Around the SANS Five Critical Controls: Dragos and the SANS Institute undertook extensive research to discern the most effective measures to counter incidents within Industrial Control System (ICS) environments. These efforts resulted in the formulation of the SANS Five Critical Controls, a concise framework that outlines essential steps manufacturers must take to establish a robust security strategy against genuine threats.
The SANS Five Critical Controls include:
- Incident Response: To effectively address cybersecurity incidents, it is imperative to envision and plan for the worst-case scenarios. What does a “bad day” look like, and how should your security program respond to such scenarios? Focus on scenarios that hold real relevance to your specific industry and environment, avoiding theoretical exercises in favor of real-life, industry-specific threats. Get a thorough understanding of the risks involved by meticulously examining each scenario from inception to resolution. Select three to four scenarios, like the ones listed above, and reverse-engineer strategies for handling them effectively.
- Defensible Architecture: A well-designed and segmented architecture forms the bedrock of a defensible cybersecurity strategy. It should empower human defenders to thwart human adversaries effectively. Consider whether your architecture can support the collection of critical data needed for incident response. While IT predominantly deals with data and systems, OT encompasses systems of systems and physics. Failing to account for the transient nature of data in OT can be detrimental during investigations and incident recovery.
- Visibility and Monitoring: Achieving comprehensive visibility across your network is indispensable. It involves monitoring control system protocols and communications within your processes, reinforcing the foundation of a defensible architecture. Operational resilience hinges on the ability to conduct root cause analysis, enabling the detection of threats and understanding the scenarios most likely to impact your environment. This should align with your organization’s unique priorities.
- Secure Remote Access: Secure remote access demands multifactor authentication and meticulous supply chain management. Interconnectedness means that the risks of others become your risks, emphasizing the need for a robust approach to remote access.
- Vulnerability Management: Effective vulnerability management is not about indiscriminate patching but focuses on the vital 2-4% of vulnerabilities that truly matter. Identifying these vulnerabilities and knowing how to address them is essential.
In concert, these five critical controls constitute the foundation of a potent cybersecurity program and give you something to measure against.
Step 4: Conduct a Risk Assessment: Assess the current state of your environment to understand existing vulnerabilities and potential risks.
Step 5: Identify Gaps and Priorities: Based on your risk assessment, identify gaps in your cybersecurity defenses and establish priorities for mitigating them. This step forms the basis for your cybersecurity roadmap.
The Bottom Line: Adopt a Vigilant – But Practical – Risk Management Strategy
The advent of smart manufacturing, driven by AI and advanced technologies, necessitates a paradigm shift in how manufacturers approach cybersecurity. It must be an integral and proactive component of your digital transformation journey. By leveraging threat scenarios and adopting a vigilant but practical stance toward risk management, manufacturers can safeguard their operations, protect sensitive data, and position themselves for success in an evolving landscape where innovation and security must go hand in hand.
About the Author:
Michael Sakmar is the Vice President of Professional Services at Dragos, Inc., where he leads teams of consultants in performing active defense inside of ICS/OT environments. He is responsible for a range of services such as architecture assessments, penetration testing, tabletop exercises, and incident response.