Patch management: The manufacturing industry’s obvious Achilles’ heel

The world’s largest and most established industrial trade fair is currently taking place in Hanover. There is no doubt that the industrial value chain has changed significantly since 1947, when the Hannover trade fair opened its doors for the first time. Production environments are subject to constant change, driven by digitization. More and more critical systems and infrastructures are being connected to the Industrial Internet of Things (IIoT), opening up completely new targets for cybercriminals. Questions about securing operational technology (OT) in production are high on the agenda of many companies. Patch management is one of the most important building blocks of a holistic IT security strategy. But it is precisely here that many manufacturing companies have a clear need to catch up.

A recent study revealed that by 2022, 76 percent of manufacturing companies had unpatched, high-risk vulnerabilities in their systems that could be easily exploited by hackers. Of these companies, almost 40 percent were affected by malware infections.

What should be considered when securing operational technology in the industrial sector?

OT systems were originally designed to work in an environment isolated from the digital space. That is no longer the case today, because Internet connectivity is now a basic requirement for the modern technologies and external control functions that make a decisive contribution to increasing efficiency and reducing costs.

Challenges in implementing effective OT protection:

  • Low security competence: Companies in the manufacturing industry usually have little dedicated experience in securing OT systems. In addition, the IT staff responsible for the remote connection are often not sufficiently trained with regard to the specific security aspects. Their focus is primarily on smooth operational processes – and less on the subject of IT security.
  • Lack of security awareness: In addition, the workforce often lacks concrete awareness of possible areas of attack and the importance of cyber security in the context of controlling production facilities and OT systems. Many employees lack the knowledge to identify and report advanced cyber threats.
  • Legacy systems: Many OT systems are outdated and use outdated technologies. This makes them more vulnerable to cyber attacks.
  • Insufficient transparency and control: There is often a lack of transparency with regard to the connections underlying the OT systems. Organizations have limited control over IT and communications structures, making it difficult to detect and respond to cyber threats. In the worst case, such insufficient visibility into the IT environment can mean that vulnerabilities lie dormant at thousands of potential entry points.
  • Limited security audit and monitoring: Manufacturing companies often do not have the resources to regularly check and monitor the security of their systems, which also stands in the way of establishing effective, up-to-date threat detection and defense.

EPDR and patch management as an essential contribution to more IT security

The protection of end devices and IT systems in the industrial environment requires an endpoint security solution that is able to consistently detect and defend against sophisticated threats such as Advanced Persistent Threats (APT), zero-day malware, ransomware, phishing, rootkits and memory vulnerabilities. WatchGuard EPDR combines endpoint protection (EPP) technologies and EDR capabilities that enable largely automated identification and response. In this way, companies can sustainably meet the high requirements for securing production environments and operational technology. Since protection extends even to older systems, from Windows XP and Server 2003 onward, companies that are not among the technology pioneers can also implement complete protection of their IT landscapes.

In addition, the Patch Management module enables administrators to centrally manage software updates and patches and roll them out company-wide as soon as they are available. In this way, potential security gaps can be closed quickly and automatically.

It is important that the different elements of a security strategy work together effectively and do justice to the specific requirements of the industry as precisely as possible. We have summarized how this succeeds in various areas on our information pages, which are aimed at companies in a wide variety of markets. Manufacturing plants are not the only ones that will find informative details there about which technologies are important for consistently securing IT structures while guaranteeing operational continuity and productivity.

Author: Michael Hass

Source: WatchGuard Blog
