The manufacturing sector has its sights firmly set on a digitally-enabled future.
Piloting an agile course out of the pandemic, leaders in aerospace, automotive and industrial manufacturing recognise that digital technology is no longer part of their business - it is their business.
The results from our Manufacturing Operations Pulse Survey 2021 reveal investment in data and new platforms, systems and channels is now paramount; the findings showed that 63% of UK manufacturers are prioritising cyber security over the next 1-2 years. Manufacturing sectors face an increasingly digital future; 81% of UK firms plan to increase technology budgets in the next 1-2 years, and hence manufacturing leaders are acutely aware of rising attacks against operational technology. This article looks at why the manufacturing sector is different to other sectors, what are we seeing regarding current trends around threat vectors, the key drivers behind current security risks and how business leaders can think differently to help keep their operations and systems safe and secure.
Manufacturing businesses have more than just traditional IT which usually covers the corporate environment (think desktops and servers). They make the most of other systems and platforms to run their day-to-day operations - known as operational technology (OT) this includes supervisory control and data acquisition (SCADA), industrial control systems or process control domains.
IT and OT environments are different in that ownership of IT in an organisation tends to sit with the Chief Information Officer (CIO) with purchasing the responsibility of the Chief Information Security Officer (CISO). By contrast, ownership of the OT environment and who is responsible for keeping it secure varies. In some organisations, this responsibility is federated across different sites and plants, while in others the responsibility might sit with the production side of the business, such as the Head of Production Quality or Head of Engineering or Operations.
As seen from the COVID-19 pandemic, it is crucial that if a business is to survive and succeed in challenging times, they must demonstrate agility and speed in their response to a crisis. This behaviour must also be extended when considering the additional risk faced by industries with OT environments. There are a collection of factors that we think that are driving the additional risk:
A few factors need to be considered, including:
These are themes that we will explore in more detail in our next article. For more information please contact Sean Sutton, James Hunt or Daisy McCartney.
The topic of this blog was discussed in our recent Cyber Security Excellence in Manufacturing webinar, the first in our Building Agility in Manufacturing Webinar Series. The next event will focus on the value of supply chain visibility in building resilience. Register your interest in attending.