Automation and digitalization have contributed to the transformation of the manufacturing industry, but also making it the top target for cybercriminals.

Manufacturers in Asia Pacific are pursuing digital transformation and other innovative initiatives including automation and advanced analytics.

While many industries are vulnerable to ransomware attacks, the manufacturing sector remains one of the most targeted industries.

Nadir Izrael, Chief Technology Officer, Armis

According to IBM Security X-Force Threat Intelligence Index, the manufacturing industry had replaced financial services as the top attacked industry in 2021, with ransomware attacks accounting for 23% of attacks on manufacturing companies.

With such high risks, how do organizations benefit from digital transformation without exposing themselves to additional cybersecurity risks?

Nadir Izrael, Chief Technology Officer, Armis, recently shared his thoughts with CybersecAsia on how digital transformation strategies are driving IoT roll-out, OT/IT convergence, and cybersecurity challenges. 

Tackling security blind spots

“The rapid digital transformation across industries, including manufacturing, has created significant blind spots for organizations when it comes to security,” he said. “As companies increase investments in automation, scaling their business and implementing IoT, the attack surface expands as well, and many security teams can’t keep up.”

Izrael said that Armis is hearing this directly from clients that have come to them for help as part of their digitalization journey.

So, what steps can organizations take in the face of these challenges?

The ability to respond as quickly as possible is critical. “Reducing the mean time to detection of cyber incidents is an important step,” he said, “as major attacks on OT and IoT attacks in the past couple of years have shown us that bad actors can wreak havoc if they are able to take advantage of connected devices that are not properly secured.”

As organizations continue to invest in IoT technologies, they should ensure that they are investing in security as well.

“Proactive monitoring of anything connected to the network, maintaining separation of OT and IT networks with in-depth security controls, and practicing overall strong cybersecurity hygiene can be the difference in protecting manufacturers on their digital transformation journey,” he said.

The holy grail

The holy grail of security teams is to have a complete, unified and authoritative asset inventory of everything – IT, OT and IoT – serving as a map of both the physical and virtual spaces an organization operates in.

Izrael has likened the cybersecurity situation to an army going into battle without a proper map. With the increasing volume of vulnerabilities and exploits we are witnessing today, it has become imperative to be able to see everything at a glance and proactively defend digital assets and the operations environment against actual and potential attacks.

He concluded with a warning: “Virtual constructs and cloud networks are massively growing, and security needs to keep up or suffer the financial and operational consequences.”