Understand Modern Cybersecurity Solutions for Manufacturing IT & OT

Use intelligent defense software and continuous monitoring to maintain operational integrity.

Analyst Perspective

Use intelligent defense software and continuous monitoring to maintain operational integrity.

Technologies such as IoT, AI, machine learning, AR/VR/XR, big data analytics, and digital twins are revolutionizing manufacturing by enabling increased automation, connectivity, and efficiency. However, a rapid advancement in technology, combined with the presence of legacy systems, has created a landscape fraught with cyber-vulnerabilities. Legacy systems, and most factories, were never designed for connectivity or cybersecurity in the first place.

Consider recent incidents: a leading forklift and truck manufacturer fell victim to a crippling cyberattack; a major aerospace company was targeted in a sophisticated cyber-espionage campaign; and a top automotive manufacturer faced a ransomware attack that brought production lines to a standstill. These three examples highlight a growing trend where the very innovations driving progress are also introducing significant cybersecurity risks.

In this environment, the role of CIOs is crucial. They are now at the forefront of ensuring that the adoption of smart technologies does not compromise the security and integrity of manufacturing operations. This research dives deep into the specific vulnerabilities brought about by next-generation technologies and offers strategic insights on building a robust cybersecurity framework. By integrating advanced solutions and adopting a proactive approach, CIOs can protect their enterprises from imminent threats, ensuring the resilience and reliability of their smart manufacturing operations.

Shreyas Shukla

Principal Research Director, Industry Practice
Info-Tech Research Group

Executive Summary

CIOs need to champion proactive cybersecurity strategies and advanced software solutions so that manufacturing firms can safeguard their assets, elevate their market standing, and attract investor and customer trust through measurable security enhancements.

Manufacturers are prioritizing investments in smart technologies and connected OT

Smart technologies are leading to greater efficiencies.

“…manufacturers expect that their investments in smart factories will drive a 27% increase in manufacturing efficiency over the next five years which would add $500 billion in annual added value to the global economy.”

– Capgemini, 2017

Investments in smart technologies are continuing to grow.

The global smart manufacturing market value will top $200 billion by 2025.

– Versacall Technologies, 2020

Manufacturers are focused on productivity and the bottom line.

74% of manufacturers invest in smart technologies to improve productivity while 70% stated that ROI was a critical factor.

– FourJaw, 2022

Manufacturers believe smart technologies will alleviate their challenges.

95% of manufacturers are evaluating smart manufacturing technologies.

– “9th Annual State of Smart Manufacturing Report,” Rockwell Automation, 2024

Manufacturers struggle to compete due to a lack of skilled workforce.

94% of manufacturers expect to hire more workers or repurpose workers to new or different roles.

– “9th Annual State of Smart Manufacturing Report,” Rockwell Automation, 2024

Smart Technologies are transforming manufacturing.

83% of manufacturers believe that smart factory solutions will transform the way products are made in the next five years.

– Smart Industry, 2024

Smart technology is disrupting every part of the manufacturing value chain

Manufacturers continue to make investments in technology-led transformation across the value chain, opening them up to new vulnerabilities. Prior to the pandemic, the main objective of most manufacturers was top-line growth. This transformed into effective planning and inventory management strategies during the pandemic. Now, the focus is on operational efficiency and bottom-line optimization. However, the most vulnerable areas still do not see enough investment in cybersecurity.

Source: Contributor Interviews, 2024

Enterprise cybersecurity continues to be the top priority for manufacturers

Cybersecurity continues to be the biggest concern/roadblock manufacturers report when adopting new digital services and software. Additionally, AI enablement and use continues to be of interest to manufacturers and will likely rise in priority over the next two years.

Absence of cybersecurity consideration is a barrier to successful implementation of emerging technology.

“…many industries and manufacturing plants remain limited at the proof-of-concept stage, often because cybersecurity was not initially considered in these pilot projects.”

– Barbara Frei, Schneider Electric, as quoted in “How Advanced Manufacturing Can Improve Supply Chain Resilience and Cybersecurity,” World Economic Forum, 2024

Cybersecurity is top of mind for manufacturers considering investments in IoT solutions.

Eighty-four percent of manufacturers custom-built their IoT solutions because they felt IT security considerations could be better addressed with that approach.

Of the companies who adopted off-the-shelf IoT solutions and used a systems integrator (comprising 42% of those surveyed), 100% shared that a solid IT security track record or reputation was either very important or important.

Source: IoT Analytics, 2024

Manufacturers urgently need solutions to protect their IT/OT environments

The way manufacturers operate has changed significantly since the COVID-19 pandemic. Rapid digital transformation, hybrid work models, connecting stranded machines, and infusing new technologies and partnerships has significantly increased the potential attack surface that manufacturers need to contend with.

Manufacturers are having to deal with significant operational changes due to accelerating digital transformation efforts and the race to bring OT online…

Digital Transformation

Manufacturers have accelerated digital transformation efforts. Merging previously isolated OT and IT systems has broadened the attack surface, providing cybercriminals new ways to exploit these environments.

Legacy Devices

Legacy devices are being connected to the internet as part of digital transformation efforts, exposing them to new cyberthreats. These devices and machines were designed without cybersecurity features, hence updating or replacing them is not an option.

Workforce Modernization

The shift to remote and hybrid working models has intensified security concerns for manufacturers, forcing them to update critical infrastructure and legacy systems.

Remote Access

Manufacturers have had to enable remote access to assets for maintenance by internal and third-party personnel. Improper management of these channels can significantly expand the attack surface and introduce new cyberthreat entry points.

Regulatory Requirements

Regulatory bodies have established minimum cybersecurity standards, mandating that manufacturers implement specific protective measures. Complying with these regulations is complex and costly, posing significant challenges for manufacturers of all sizes.

Cyberattacks are increasingly impacting both IT and OT.

32% of manufacturers report that a cyberattack impacts both IT and OT systems.

33% or more of ransomware attacks reported to the FBI last year targeted organizations in a critical infrastructure sector.

68% of organizations expect to face more cyberattacks due to increased remote working.

Source: “The Ultimate Buyer’s Guide for Industrial Cybersecurity Platforms,” Claroty, 2023

Manufacturers face many challenges in trying to secure their IT/OT environments

As IT and OT technologies and responsibilities converge, IT teams face a multitude of challenges in securing a complex, connected, growing, and critical OT environment. While attacks on corporate IT often spill over to industrial control systems, compromised OT devices pose severe risks, including physical damage and threats to human safety.

IT teams are finding it extremely challenging to secure connected manufacturing environments

IT/OT Convergence

Attackers can exploit visibility gaps and vulnerabilities to move between converged IT/OT ecosystems, making comprehensive visibility across both IT and OT critical for security.

Impact from Corporate IT

Cyberattacks on corporate IT systems end up impacting industrial operations by penetrating industrial control systems, resulting in operational shutdowns and compromising critical infrastructure.

IOT Integration

Integration of IoT devices into traditional industrial control systems significantly expands the attack surface making manufacturers more vulnerable.

Transitioning to Cloud

The pandemic forced SCADA control to the cloud. Convergence of OT with IT in the cloud comes with increased risks including questions on reliability, availability, and security.

Regulations & Compliance

Manufacturers must stay informed on evolving cyber regulations and train regularly to adhere to industry-specific compliance requirements.

Source: Darktrace, 2023

Manufacturers face significant financial impacts from cyberattacks.

Manufacturing is the industry most commonly targeted by cybercriminals.

The global average total cost of a breach was $4.88 million in 2024, while the average cost of a breach in the manufacturing sector was $4.73 million in 2023.

Source: IBM, 2023; IBM, 2024

Smart technologies deliver significant benefits to manufacturers

Manufacturers are increasing their smart technology investments.

“Prompted by inflationary pressures and rising energy costs, manufacturers are stepping up technology investment to counter risks…Technology investment up 30% year-over-year…”

– “9th Annual State of Smart Manufacturing Report,” Rockwell Automation, 2024

Smart technologies make manufacturers susceptible to many cyberattack vectors

In smart manufacturing environments, understanding the diverse attack vectors that threaten IT and OT systems is crucial for implementing effective cybersecurity measures. Below is a categorized list of potential attack vectors, highlighting those that target IT, OT, and both IT and OT systems, to help organizations better prepare and protect their critical infrastructure.

IT Focused Attack Vectors

• Phishing Attacks
• Spear Phishing
• SQL Injection
• Distributed Denial of Service (DDoS)
• Industrial Espionage

OT Focused Attack Vectors

• SCADA/ICS Exploits
• IoT Device Exploits

IT & OT Focused Attack Vectors

• Ransomware
• Credential Theft
• Insider Threats
• Physical Security Breaches
• Supply Chain Attacks
• USB and Removable Media
• Exploiting Unpatched Vulnerabilities
• Advanced Persistent Threats (APTs)
• Social Engineering
• Wireless Network Attacks
• Remote Access Trojans (RATs)
• Zero-Day Exploits
• Man-in-the-Middle (MitM) Attacks

Human error drives breaches.

Internal vulnerabilities, primarily due to human error, account for 70% of breaches in manufacturing, underscoring the importance of comprehensive cybersecurity training.

– Data Guard, 2024

IT assets can be breached in several ways (1/3)

IT Assets & Breach Methods

Workstations

• Malware and ransomware
• Phishing
• Unpatched software
• Unauthorized physical access

Switches, Routers, Firewalls

• Firmware vulnerabilities
• Configuration errors
• Denial of service
• Man in the middle
• Weak passwords

Servers

• Software vulnerabilities
• Brute force attacks
• SQL injection
• Distributed Denial of service
• Stolen credentials

Virtual Machines

• Hypervisor vulnerabilities
• Unsecure configurations
• Guest OS vulnerabilities
• Data/credential theft

Software

• Unpatched vulnerabilities
• Supply chain attacks
• Malware
• Weak authentication
• Buffer overflow

Mobile Devices

• Malware
• Phishing
• Man in the middle
• Lost/stolen devices
• OS vulnerabilities

Cloud Assets

• Configuration error
• Credential theft
• Denial of service
• App vulnerabilities
• Insider threats

Note: This is representative and not exhaustive

Source: Office of Cybersecurity, Energy Security, and Emergency Response, 2022

IT assets can be breached in several ways (2/3)

OT Assets & Breach Methods

Computing Devices

• Malware and ransomware
• Phishing
• Unpatched software
• Unauthorized access
• Brute force attacks
• SQL injection
• DDoS
• Hypervisor vulnerabilities

Software

• Unpatched vulnerabilities
• Malware
• Weak authentication
• Buffer overflow

Programmable Logic Controllers

• PLC exploits
• Malware
• Unauthorized access
• Unpatched firmware

Remote Terminal Units

• Network intrusions
• Unauthorized access
• Firmware vulnerabilities

Industrial Control Systems

• Network intrusions
• SCADA/ICS exploits
• Malware
• Configuration errors

Safety Instrumented Systems

• Firmware vulnerabilities
• Unauthorized access
• Network intrusions
• Manipulation of safety settings

Physical Access Control Devices

• Unauthorized access
• Tampering
• Credential theft
• Exploitation of weak authentication mechanisms

Note: This is representative and not exhaustive

Source: Office of Cybersecurity, Energy Security, and Emergency Response, 2022

IT assets can be breached in several ways (3/3)

Data Assets & Breach Methods

Business Data

• Data leaks
• Improper access
• Insider threats

IP

• Theft
• Cyber- espionage
• Insider threats

Customer Data

• Data leaks
• Phishing
• Improper access

Contracts

• Improper access
• Data leaks
• Insider threats

Security Logs

• Tampering
• Improper access
• Data corruption

Metadata

• Data leaks
• Improper access
• Tampering

Set Points

• Manipulation
• Improper access
• Config. errors

Operations Data

• Data leaks
• Improper access
• Tampering

Financial Records

• Data leaks
• Fraud
• Improper access

Historian

• Data breaches
• Improper access
• Tampering

Config. Files

• Tampering
• Improper access
• Errors

Note: This is representative and not exhaustive

Source: Office of Cybersecurity, Energy Security, and Emergency Response, 2022

Consider technologies, attack vectors, and case studies while planning your security posture

Most common types of cyber incidents in global manufacturing sector 2022:

Source: Statista, 2022

Manufacturers typically don’t implement compliant cybersecurity solutions.

“…only 50% of firms comply with standard cybersecurity protocols, indicating a significant gap in security implementation.”

– Data Guard, 2024

Major global manufacturers have faced cyberattacks over the last few years.

Sources: Arctic Wolf, 2024; CPO Magazine, 2023; Cybersecurity Help, 2021

Manufacturers must now contend with complex cybersecurity laws and frameworks

Manufacturers are seeing increasing regulations targeting both IT and OT to protect the interconnected nature of modern systems where data flows between informational and operational spheres. The specific business processes, data types, and technologies used by a manufacturer will dictate what regulations and frameworks they have to comply with.

Cybersecurity software offers significant potential to protect manufacturers (1/2)

Cybersecurity software offers significant potential to protect manufacturers (2/2)

A broad range of technologies exist to protect manufacturing environments from cyberthreats

The manufacturing cybersecurity solutions landscape includes asset discovery, vulnerability management, network security, and secure remote access, among other critical technologies. These solutions are integral in protecting both IT and OT environments from evolving cyberthreats, ensuring the safety, reliability, and efficiency of industrial operations. This section delves into each solution, highlighting their importance and application in the industrial sector.

Cybersecurity Technology & Solutions Landscape

• Asset Discovery & Vulnerability Management
• Cyber-Physical Security & Operational Systems Health
• Network Security Monitoring & Anomaly Detection
• Operational IT/OT Endpoint Security & Patch Management
• Perimeter Security, Segmentation & Zones Enforcement
• IIoT Device Security
• Product, Software & Supply Chain Security
• Secure Remote Access
• Risk Management, Governance & Compliance
• Identity & Access Management
• Social Engineering & Phishing Security

Cybersecurity Services Landscape

• Assessments & Testing
• Deployment Implementation & Managed Services
• Incident Planning, Response & Recovery
• Program Development
• Supply Chain & Product Security
• Training & Education

Source: “Industrial Cybersecurity Vendor and Services Landscape,” Takepoint Research, 2024

How to use this section: Manufacturing cybersecurity considerations

Solution Options

This area indicates options from the Technology & Solutions landscape, or the Services landscape listed in detail.

Scenarios

This area lists scenarios typically representative of organizational objectives. These objectives help define the specific direction and approach that your cybersecurity program must take.

Considerations

This area describes in detail the threat vectors, potential attack surfaces, and recommended standards to adopt for each of the scenarios applicable to that section.

Solution Components

This area represents one of two major solution components for cybersecurity consideration: either Technology & Solutions or Services.