banner

Thales Blog

Establishing an IAM Blueprint for Securing Manufacturing Environments

July 26, 2022

Danna Bethlehem Danna Bethlehem | Director, Product Marketing More About This Author >

The manufacturing sector is crucial to the economic prosperity of all countries. Products made by these manufacturing industries are essential to many other critical infrastructure sectors. An attack on or disruption of certain elements of the manufacturing industry could disrupt essential functions across multiple sectors, affecting both the national economy and security.

Attackers are increasingly disrupting operations

The 2022 IBM X-Force Threat Intelligence Index report indicates that manufacturing was the most targeted industry in 2021. The report findings demonstrate that credentials are a top target for cyber criminals. In fact, phishing campaigns, vulnerability exploitation and compromised credentials are the top three infection vectors leveraged by adversaries seeking to disrupt the manufacturing operations. More than 50% of attacks begin with leveraging user credentials.

Attacks are moving from IT to OT

The manufacturing sector is undergoing digital and cloud transformation, leading many companies to support a hybrid corporate computing environment, where multiple user identities co-exist. The convergence of IT and OT domains has emerged another infection vector – weak access controls to authenticate employees into a wide range of cloud-based and on-premises systems.

Attacks against manufacturing companies are based on a well-known concept: gain unauthorized access to the network with compromised credentials, move laterally through the network, elevate privileges, and deliver a malicious payload. The convergence of IT and OT domains have opened once-siloed OT systems to a new world of threats and risks. Once an attacker establishes a foothold on a business system, they can implement reconnaissance and privilege escalation to pivot into the OT domain, bypassing firewalls or other network controls. The example of the Colonial Pipeline attack is a fine example of the risks posed by the convergence of IT and OT.

Strong access controls are paramount

A cornerstone to protecting this hybrid environment is building strong access controls with appropriate multifactor authentication methods. The increased reliance on and importance of secure credentials is reflected in industry surveys indicating that manufacturers are mostly concerned with risks related to unauthorized access, intellectual property theft and operational disruption.

The success of digitalization of the manufacturing sector depends on establishing trust relationships between internal employees, remote employees and partners, devices, and services. To establish these trust relationships, in place Identity and Access Management (IAM) systems will need several features and requirements as shown in the table below.

IAM Blueprint for Securing Manufacturing Environments

Feature Explanation
Flexibility and elasticity to support deployment in a variety of scenarios and support a varying level of authentication journeys IAM acts as the bridge that creates a trusted connection between the IT domain and the OT environment, enabling the authenticated and authorized access of all personnel regardless of their role or position.
Support a variety of protocols and systems
  • RADIUS or application gateway for legacy, on-premises applications, and systems
  • SAML, OpenID Connect, or OAuth for web and cloud based apps
  • RESTful APIs, System for Cross-Domain Identity Management (SCIM) for non-standard legacy applications
  • Agents for non-standard applications
Compliance with standing acts and regulations for enhancing the cybersecurity posture of critical infrastructure The White House Executive Order provides a framework of actions on modernizing cybersecurity with the adoption of zero trust and the deployment of multi-factor authentication and encryption.
The OMB strategy for zero trust mandates all industries to provide phishing resistant multi-factor authentication methods, such as FIDO2 and PKI-based authentication to reduce the potential of advanced attackers breaking authentication through social engineering campaigns.

 

How to reduce the risk of breach

Thales’s SafeNet Trusted Access comes with powerful authentication capabilities to support a broad range of use cases within a manufacturing environment:

  • Secure access leveraging access management, adaptive and multi-factor authentication for both OT and IT worlds
  • Clientless authentication suited to shared workstations and mobile-free environments (Pattern-based, FIDO)
  • Authentication for knowledge workers and privileged users, depending on their user circumstances
  • Meet the guidelines for MFA that is resistant to Man-in-the-Middle attacks (FIDO2 and PKI certificate-based authentication)

Use this infographic to learn more on how to reduce cyber risk using Multi-Factor Authentication, or you can download our FREE whitepaper on reducing the risk of breach from identity compromise.