Omdia, in partnership with Telstra International, surveyed over 500 technology executives worldwide on the convergence of Information Technology (IT) and Operational Technology (OT) in their core operations, and how they managed cyber security challenges.
The heightened risk of cyber attacks comes as manufacturers move to leverage IT – such as cloud, AI, and Internet of Things (IoT) technology – as part of their digital, or ‘Industry 4.0,’ transformations.
While the convergence of IT with traditional OT can increase scale, resilience and efficiency in manufacturing operations, it also increases the attack surface for cyber threats. Critical industries are increasingly lucrative targets for cyber exploitation including ransomware.
Manufacturers affected by a cyber attack reported a resilience or availability issue that cost individual firms between $200,000 and $2 million, reporting the biggest impact when incidents affected enterprise and corporate systems or production control.
In a statement, Geraldine Kor, Telstra International’s Head of Global Enterprise Business, said: “Greater connectivity between IT and OT is necessary to harness advanced technology for manufacturing innovation, but it increases the risks of a breach. However, very few firms are mature in protecting and defending against such cyber risks.
“Our study also uncovered a fragmented approach to security responsibility, which can leave manufacturing businesses without a clear direction. This responsibility must be clear and integrated so that one group or person will have the authority to act on security challenges for mission-critical systems. It is equally important to have the right people and security-focused culture as their absence will hinder security posture readiness, compounding technical challenges.”
More from Machinery
Ganesh Narayanan, Telstra International’s Global Head of Cyber Security, noted that the manufacturing and other industrial sectors historically relied on air gapping for security, where OT systems are typically segregated from corporate IT systems to protect against external threats. However, this approach is no longer sustainable with increasing IT-OT convergence, which expands the threat surface significantly.
“IT and OT integration create enormous value for organisations across industries, although organisations must address risks to unlock its potential,” he said. “Organisations should prioritise IT/OT and IoT security across six core areas: Collaboration and planning, defining a strategy, bolstering technical expertise, assign responsibility and accountability, leveraging the right tools, and expedite readiness with standards.”
The report states that more pervasive connectivity between IT and OT is essential across greenfield and brownfield manufacturing system design and enhancements, with step change improvements to innovation, availability, safety and security require firms to harness Industry 4.0 technologies.
However, it adds that as most firms have been hit with expensive outages and security incidents, it is clear that more traditional security controls, policies and culture struggle to keep pace, and better understanding is needed for ‘proactive remediation.’
The whitepaper, ‘Secure manufacturing: The challenges of IT/OT convergence,’ can be downloaded and read in full here.
