Long gone is the time when manufacturing systems and operations were siloed from the Internet and, therefore, were not a cybersecurity target. Nowadays, any organization is heavily and deeply connected to the Internet: local, distributed and cloud environments, a plethora of machines, devices and Internet of Things (IoTs), and above all, numerous “work from anywhere” employees.
Today, at the dawn of the 4th industrial revolution, manufacturers of all kinds are a tempting and vulnerable high-value target for threat actors because of their high intrinsic worth and the dangers of economic harm from supply chain disruptions. The manufacturing edition of the Thales 2022 Data Threat report sheds a light on how these industries are susceptible to cyber threats and provides advice on improving a manufacturing cybersecurity posture.
Survey’s key findings
The research was conducted in January 2022 as an observational study via a web survey aimed at professionals in security and IT management worldwide. This report focuses on a subset of the survey's data that concerns 90 automotive and 157 non-automotive manufacturing security leaders and practitioners, comparing their responses to the universe of 2,800 respondents from all verticals. The most important key findings are:
Humans, the alpha and the omega of cybersecurity
Humans have the privilege to be the most important and, at the same time, the most vulnerable factor of our digital world. Many devastating full-scale cyber attacks started from a simple user error. The data from the survey demonstrated that humans occupy the top positions on the threat list, both for automotive and non-automotive manufacturers: human errors, nation-state actors, hacktivists, and malicious insiders.
Although the respondents seem to be aware of the cyber threats, 7 out of 10 do not prioritize multi-factor authentication (MFA) as the most effective security technology for protecting sensitive data against cyberattacks! Additionally, although 1 out of 4 manufacturers reported encrypting over 60% of their sensitive data in the cloud, 3% above the global average, encryption is yet another technology manufacturers prioritize less than total global respondents.
Finally, the survey’s data highlighted that the use of advanced authentication methods in cloud services and applications is much higher than is used for legacy on-premises applications.
Almost 3 out of 4 participants observed an upward trend in ransomware attacks, while half mentioned an increase in malware, Denial of Service, and phishing/whaling. Additionally, 80% of the participants responded that they are highly concerned by remote working potential cyber threats.
Almost a quarter (23%) of automotive and 18% of non-automotive manufacturers reported having suffered a ransomware attack leading to financial losses, increased recovery costs, lost sensitive data and productivity, and reputation damage. Sadly, less than 50% of the manufacturing participants have formal contingency plans at hand to activate in case of a ransomware attack.
The challenge to protect sensitive data
To protect your data effectively, you need to know where your sensitive data is. More than half of automotive and non-automotive participants feel very confident that they know where their data is, having almost the same percentage compared with the 53% of respondents across all industries. However, the survey also showed that only 19% of automotive and 26% of non-automotive manufacturers had classified all of their data, meaning that they can identify the actual sensitive data that needs to be protected.
The manufacturing industry tends to use several key management tools, thus increasing risk, cost, and complexity. The survey showed that 51% of automotive and 61% of non-automotive manufacturers reported having 5 or more key management solutions.
Regarding sensitive cloud data protection, 6 out of 10 respondents have implemented encryption, however only 53% properly manage the lifecycle of their encryption keys. Encryption is only as good as the keys in use; poor key lifecycle management can result in vulnerabilities and increased cyberattack threats.
Adopt a Zero Trust Approach
As manufacturing infrastructure is usually distributed and heavily dependent on third parties, adopting a Zero Trust strategy is a must since it assures least privilege access to widely dispersed, high-value data and assets, both on and off-premises. The size, complexity, and flexibility of the underlying networks and, thus, the attack surface has also significantly risen with the conversion of classic OT devices like industrial controls to IoT devices. Zero Trust security techniques are typically effective and serve well in these settings.
Compared with the 29% across all industries, 26% of automotive and 31% of non-automotive participants reported that they embrace and implement Zero Trust strategies. The top-three areas where respondents want to employ Zero Trust are cloud access, on-premises access, and remote access management, with cloud access being the first selection across automotive and non-automotive manufacturers, with 64% and 67%, respectively.
Security issues have impacted manufacturers due to highly distributed infrastructure and the human factor. Not implementing encryption and full lifecycle key management contribute to the problem of data loss from breaches.
Thales’s report showed that MFA is developing as a defensive measure but is not yet widely used. The Zero Trust approach gains momentum in remote access and cloud environments, but to be truly effective, it should be employed everywhere and to everybody, regardless of location. A ZeroTrust plan should also include the independent protection of cloud-based assets from the cloud infrastructure, using encryption and centralized key management.
As manufacturers advance, visibility throughout their company, shared understanding, and collaboration culture are paramount to improving security. To learn more, download the full version of the 2022 Thales Data Threat Report - Manufacturing Edition.