Recent advances in technology, as well as pressure to find remote maintenance solutions in the wake of the COVID-19 pandemic, are helping fast-forward the widespread adoption of the Industrial Internet of Things (IIoT). IIoT involves interconnecting assets to condition monitoring sensors and software to allow integration with desktop computers and mobile devices. However, with these advances also comes the heightened need to effectively manage cybersecurity risk.
IIoT opens a new world of innovative maintenance and reliability solutions, from supervisory control and data acquisition (SCADA) systems to real-time condition monitoring of programmable logic controllers (PLCs). Unfortunately, connecting your manufacturing plant to the internet also creates an unprecedented risk for cyberattacks. If you have not yet experienced an attack, it may be just a matter of time. Luckily, significant progress is being made in improving the strength of IIoT systems against cyberattacks.
In a recent Fluke Accelix Best Practice Webinar, “Managing cybersecurity risk in maintenance and reliability,” more than 100 manufacturing professionals were asked to rate the importance of cybersecurity when considering maintenance and reliability software solutions. Here are their answers:
- Mission critical – 68%
- Somewhat important – 32%
- Not important – 0%
- Not sure – 0%
This indicates a positive step toward further security against cyberattacks. Before we dive into protection itself, let’s explore how cyberattacks can affect manufacturing plants.
How Cyberattacks Affect the Manufacturing Industry
Ransomware attacks on well-known companies have increased dramatically over the years. Unfortunately, cybercriminals consider manufacturing a high-value target.
According to a June 2021 research report from Morphisec, 1-in-5 manufacturing companies in the U.S. and U.K. have been victims of cyberattacks over the last 12 months alone. Additionally, manufacturing accounts for nearly a quarter of ransomware attacks.
Phishing, data theft, supply chain, and ransomware attacks have come to be expected. Malicious actors steal credentials, expose sensitive data, and hold intellectual property ransom. Some attacks affect organizations so viciously that they are forced to pause or halt operations, losing millions of dollars in downtime and lost productivity while recovering from the event.
Prime examples involve the Russian criminal group REvil, which is responsible for stealing confidential files from Apple partner Quanta Computer Inc., the largest laptop manufacturer in the world.
The hackers tried to extort $50 million from the multinational technology company in exchange for not leaking schematics and images detailing the plans for an upcoming laptop release. While it is unclear whether this ransom was paid, another company, JBS USA Holdings Inc., acknowledged paying the Russian criminal group an $11 million ransom to prevent further disruption of its processes after a hack forced a complete shutdown of its plants.
Preventive Maintenance Helps Manage Cybersecurity Risk and Defend Against Cyberattacks
Scheduling preventive maintenance (PM) tasks to help keep equipment operating is essential. But it is not the only kind of maintenance you should plan. Performing preventive maintenance regularly on your SCADA, PLC, and Computerized Maintenance Management Systems (CMMS) will reduce cybersecurity vulnerability.
By scheduling downtime to update software and apply patches, you keep your cybersecurity environment hardened. Hardening is a form of cyberattack protection that requires closing system gaps that hackers often use to seize the system and gain access to sensitive data.
It is also critical to know what your maintenance team will do if you experience a breach. Take the time to develop and prepare response protocols and disaster recovery plans for when an attack occurs.
3 Steps to Manage Cybersecurity Risk
Confidentiality, integrity, and availability are the three pillars that make up what’s known as the CIA triad — if one or more of these components is violated, the risk of an attack increases. Organizations often use this model to build a cybersecurity foundation.
Establishing information security policies based on the CIA triad directs a team to make essential decisions about which components apply most to specific data sets, such as sensor data, and to the entire organization.
1. Confidentiality
Objective: Ensure that private information can only be accessed by vetted individuals.
Only core maintenance personnel should have permission to access data. To reduce the possibility of a breach, limit entry points to sensitive data to as few people as possible. Scrutinize who has access and grant permission based on what they need to do their job.
What can you do right now? Examine your organization’s data access levels, including sensitive information that permits control over essential equipment, such as a SCADA system. Many organizations categorize the importance of data to help identify how much damage it would cause if released.
2. Integrity
Objective: Ensure the data is trustworthy, accurate, and has not been inappropriately altered.
Data integrity refers to the validity and accuracy of the data throughout its lifecycle. The company’s operations department and its ability to demonstrate regulatory compliance depend on reliable data.
Inaccurate data can damage your relationship with your customers and cost a company a lot of money. According to a 2013 Gartner study, organizations surveyed estimated that inaccurate data costs them on average $14.2 million annually. Our dependence on data has only increased since then.
What can you do right now? Evaluate the level of data accuracy in your primary systems and perform an audit if you do not fully trust the data. Decide the level of confidence you require in your maintenance records, identify vulnerable points, and determine whether they need protection. Adopt controls that prevent unauthorized users from making erroneous changes or deleting data accidentally.
3. Availability
Objective: Ensure that data is available to be used when it is needed to make decisions.
Maintenance data must be available on-demand. You should know the uptime percentage that enables an enterprise asset management (EAM) system and other critical systems to supply what is necessary continuously. Maintenance systems must be protected from corruption to allow the systems to serve the organization.
What can you do right now? Apply preventive maintenance (PM) best practices to the IT infrastructure supporting your processes. Ensure you understand what is necessary to maintain availability and schedule downtime to run patches that harden the system to reduce external entry points.
Key Takeaways When Managing Cybersecurity Risk in Maintenance
- The right people and controls must be in place to protect your maintenance data’s confidentiality, integrity, and availability.
- Operations and maintenance must understand the sensitivity of the data under their care.
- Operations, maintenance, and IT must work together closely.
- The human element is one of the biggest reasons data gets breached. Educate your workforce to decrease accidental breaches.
- It is crucial to partner with your IT and security departments. When you involve them early, they’ll be able to help you mitigate cybersecurity issues more effectively.
- Develop a high-level IIoT and cybersecurity checklist that includes equipment, communications and protocols, environment, and security.