Integrating IT and OT security
Operational technology (OT) is at high risk to be hit by a cyber attack due to legacy systems, Industry 4.0, the Industrial Internet of Things and increasingly connected production systems and machine tools. If the crucial OT environment is compromised, production is shut down, which can have a devastating impact on business continuity and can result in loss of revenue.
In the second half of 2022, the manufacturing sector suffered the most cyber attacks worldwide. In some cases this has led to a disruption of 4 days or more. While 86% of manufacturers admit to running on outdated or not secured IT systems, just over half said that they always make cybersecurity improvements after an incident. These numbers show that protecting factory environments – from traditional devices to state-of-the-art infrastructures – is crucial.
Key cybersecurity challenges for manufacturing
Securing both IT and OT
In the manufacturing sector, IT is actively used in OT/ICS (industrial control system) environments and due to an increasing number of connected IT and OT devices, the attack surface is rapidly expanding. This creates an increasingly complex environment that often leaves companies exposed. Cybercriminals attacking OT can cause significant damage, for example shutdowns, equipment damage, and the loss of financial assets, reputation, and intellectual property.
Manufacturers should implement security that combines technology optimized for IT as well as OT, so they can centrally manage cyber defense without interrupting operations. At Trend Micro, we have expertise in both areas. We connect OT Security solutions (TX-One) to Vision One to create a single security platform for IT and OT.
Finding a patch window
Since manufacturers are 24/7 organizations, OT has to be available at all times. Thus, finding a patch window is a challenge, which sometimes means security patches are not applied and field engineering teams keep using outdated OT. This makes OT systems vulnerable to cyber-attacks.
When patching, you risk that applications may temporarily not run properly due to a software conflict after patching. Because of the risk of downtime, the facility provider or vendor does not always allow asset owners to install security patches. And with certain manufacturing devices, the product makers can prohibit software patches by anyone but themselves to preserve device integrity. Manufacturers need a contextualized, risk-based approach and good overall attack surface risk management.
Legacy systems
Manufacturers often work with older legacy systems because equipment is used for a long period of time. However, developments have gone so fast in recent years, making legacy systems no longer adequate for the job. In addition, these systems are more difficult to secure due to their age and the fact that every system needs a different security approach.
Trend Micro offers various solutions based on virtual patching to secure legacy systems, both host based (Deep Security and Cloud One) and network based (TippingPoint and TX-One appliances). TXOne StellarEnforce, for example, prevents malware from functioning on fixed-use legacy systems by enforcing a strict list of approved programs.
Supply chain risks
Manufacturing companies typically have complex global supply chains, relying on many third-party vendors and suppliers for parts, components, and software. It is crucial to ensure all parties have adequate cybersecurity measures in place. If this is not the case, attackers may try to exploit vulnerabilities to gain access to the manufacturer's network via supply chain attacks, affecting many organizations through one single vendor.
To minimize the cybersecurity risk in your supply chain, it is essential to gain a comprehensive understanding of the supply chain itself and corresponding data flow, and to identify high-risk suppliers.
More sensors leads to more data
Sensor data can make the production process more efficient, therefore data collection, data sharing, and data analysis are becoming increasingly important. However, this also makes the manufacturer more attractive for attackers. Another difficulty is that an environment includes assets from a wide range of manufacturers and data from these assets are not always compatible.
A comprehensive security approach is crucial. By using an OT zero trust approach, you can inspect assets as they arrive and segment the network with hardware to secure the data flow (data in use, data in transmission, and data at rest).
Flat network
Your factory uses many devices. Cyber attackers only need to infect one device to gain access to the entire network, risking massive loss. Network segmentation provides a solution. However, to deploy network segmentation, configuration settings in existing networks need to be changed, which could have an impact on system availability. Furthermore, it is a time-consuming task. Ensure you avoid the spread of a cyber incident by deploying network segmentation.
Mazda Motor Logistics Europe relies on Trend Micro for all aspects of security
Mazda Motor Logistics Europe (MLE), Mazda’s logistics hub in Europe, has existed for around forty years. MLE delivers parts to 2,300 Mazda dealers in Europe via 22 national sales organizations. Its assets are worth many millions of euros. Thus, Mazda MLE’s IT department pays special attention to securing the IT infrastructure.
To protect the virtualized servers, they chose Trend Micro Deep Security. Protection against advanced persistent threats, command and control attacks and similar problems was entrusted to Trend Micro Deep Discovery. Lastly, Trend Micro’s Control Manager was selected for the integration and central management of all security solutions, which simplified management and offered a better overview to detect attacks earlier on.
Get ready for NIS2
Specifically for the manufacturing sector, it is important to pay attention to the efforts of chain partners in terms of cybersecurity. An updated version of the NIS directive will be implemented starting in 2025. This will have a huge impact on the manufacturing sector, as the security regulations will touch all critical services. Manufacturers will also be expected to monitor the security measures of their chain partners. To ensure compliance, your organization will need a variety of measures such as detection & response, awareness training and remediation plans.
To help you prepare, learn more about the NIS2 directive implications for your organization.
Why Trend Micro as a partner for manufacturing?
Experience
We work with many large manufacturers such as Mazda Motor Logistics Europe and Fujitsu Limited, and help them overcome their cyber security challenges on a daily basis, preparing them for the latest and most advanced attacks.
Full portfolio
We have expertise in IT and OT. We connect OT Security solutions (TX-One) to Vision One to create a single security platform for IT and OT. Solutions can also be used as standalone services, allowing you to build according to budget, time and needs.
Global leader
Our Zero Day initiative puts us in the first line of detection, with 64% of all vulnerabilities disclosed by Trend Micro.
Discover our solutions
TXOne solutions
This industrial cybersecurity solution delivers security inspection, endpoint protection and network defense with OT Zero Trust and OT-native technology supports technicians to centrally manage cyber defense of a vast number of assets.
Trend Cloud One Workload Security
Secure your data center, cloud and containers without compromising performance by leveraging a cloud security platform with Cloud-Native Application Protection Platform (CNAPP) capabilities.
Trend™ TippingPoint™ Threat Protection System
With TippingPoint Threat protection go beyond next-gen IPS without compromising security or performance. Tippingpoint provides immediate and onging threat protection with out-of-the-box recommended settings.
Trend Deep Security
Protect the legacy systems against vulnerabilities, malware, and unauthorized changes based on virtual patching with the broadest hybrid cloud security capabilities for your mixed environment of virtual, physical, cloud, and containers.
Let's talk!
Are you ready to take your organization's cyber security to the next level and safeguard your production process? Book your demo or schedule a 15-minute speed date where we explain how Trend Micro can assist you based on your needs and requirements.