Tomorrow’s manufacturing plant will be resilient and secure
Achieving competitive advantage through the digitization of plant and processes is a given for today’s manufacturer. But what if that digitization comes at the risk of damaging competitiveness by opening the gate to cyber-attack? Should it stop your digital transformation journey, or does it simply require a new, more rigorous approach to security?
Calling a halt to the journey clearly isn’t the answer. After all, digital is already embedded in our day-to-day lives and digital manufacturers have the potential to deliver a great customer experience with the right digital capability, correctly used. Smart, connected products, assets, and operations are already yielding productivity gains, cost savings, and improved revenue for many digital leaders. At the same time, those leaders and others now following suit are quickly realizing that the digitization of enterprise business and industrial processes demands a new approach to protecting critical assets.
As a matter of fact, the plant networks, which used to operate in isolation, are rapidly opening to the outside world. On the one hand, manufacturers’ ERP applications are increasingly being interconnected with the shop floor through manufacturing execution systems and various other operational systems. On the other hand, data from machines, industrial robots, and all other kinds of industrial control systems (ICSs), including smart sensors and embedded systems, are now getting pushed to the cloud to be leveraged for predictive maintenance and data-analytics applications. More and more frequently, part of the production data is even made accessible from public networks, through social, mobility, analytics, cloud, and the Internet of Things (SMACT) technologies.
The new layer of complexity that this brings results in numerous potential vulnerabilities. It also vastly enlarges the attack perimeter attainable by hackers. Indeed, industry leaders undertaking their digital transformation have to ponder two new kinds of risks: those linked to entrusting their sensitive production data to an external cloud environment, as well as those related to exposing their sensitive shop floor machines and automation-systems to hacking, industrial espionage, or ordinary malware. In the latter case consequences can range from loss of production to damaging production machines, or even to environmental, regulatory or safety impacts in some industries.
So what’s the answer? Capgemini advocates a digital transformation strategy with a holistic approach of security at its core, encompassing not only technology, but also processes, people, and contracts. It is how the manufacturing industry can make the jump to greater mobility, big data, cloud and the Internet of Things, while safeguarding operations against cyber-attack and malicious internal behavior.
Key steps for safeguarding the digital enterprise
In this context, the first steps of the answer are often organizational: identify the business risks on the shop floor, inventory the sensitive data, the business-critical industrial control systems, and define the risk-management processes from the operations in the plant up to the executive board.
Protection comes next: define the overall security architecture of computer and industrial networks, by identifying security zones of various criticalities, and by defining the protection technologies to be used inside each zone as well as at the zone boundaries. Methods and technologies will somewhat differ from those used for the protection of corporate IT systems, as an example, automatic security patching is often impractical more often than not on mission-critical industrial systems.
Detection of, and reaction to incidents and abnormal events is the indispensable last step of an all-around cybersecurity approach. Once again, methods and technologies dedicated to industrial systems have to be used, for instance intrusion detection probes with a capability to dissect and analyze standard industrial control protocols.
So while your digital transformation has the potential to bring big rewards, it has to be with this focus on security.
Making cybersecurity a business enabler
Our industrial cybersecurity solution for the digital manufacturer delivers this sharp focus. As an example, we helped an industry leader to build its cybersecurity and information protection strategy and transformation program. This engagement spanned group infrastructure security, data protection in R&D activities, a SAP-based identity and access management (IAM) model, and industrial systems security.
Less than a decade ago, this level of security was largely unheard of. But as industry continues to rely on digital for productivity gains and to drive new business models, the only way to safeguard your business assets, intellectual property, and the end-to-end product lifecycle, is by turning the spotlight on cyber security as a key business enabler. Getting this right today will ensure the digital manufacturer of tomorrow is both resilient and competitive.
For more information on our group Cybersecurity Services, download the brochure.
Co-authored with: Markus Rossmann