Before the pandemic, manufacturing plants mainly had to protect themselves from standard crimes. But that all changed after the crisis. It continues to be a problem today due to the supply chain’s failure to right itself and the massive increase in cyberattacks.
Industrial operations are a key component of the supply chain. Therefore, criminals target them. Cyolo references the Waterfall/ICSStrive threat report that has found cyberattacks soared by 140% in 2022 and affected more than 150 industrial operations. This amounts to 150 incidents. These cannot be taken lightly as cyberattacks have bankrupted two targeted organizations. One attack led to a fire that put employees at risk.
“At the current rate, we should expect cyberattacks in 2027 to cause shut-downs or other physical consequences in over 15,000 industrial sites, worldwide,” Courtney Schneider writes in The 2023 Threat Report — At a Glance.
Converging Manufacturing Plant Operational Technology and Cybersecurity
The report indicates cyberattacks have impacted operational technology because the physical systems depended on the affected IT systems. In some cases, the victims of cyberattacks shut down their operations “in an abundance of caution.”
From a cyber perspective, the U.S. Department of Energy has established the Cyber-Informed Engineering (CIE) Strategy [PDF]. The strategy is built on a body of knowledge in an effort to develop engineering-grade solutions to address the cyber risks as well as the supply chain risks.
These cyberattacks on manufacturing plants come with physical consequences. This means manufacturing needs to explore a combination of cyber and physical security solutions. One of the recommendations is to invest in the convergence of physical and cybersecurity.
Companies tend to focus heavily on cybersecurity and neglect the security of operational technologies. IBM’s The OT Security imperative — What is your strategy? confirms this. “As automation became more prevalent, so did the need for Operational Technology (OT)—the use of computer hardware and software to monitor and control physical devices,” the report says. “Industrial Control Systems (ICS) became a necessity for OT environments. They monitor and regulate process values like temperature, pressure and flow, and monitor machines to detect and prevent hazardous conditions and breakdowns.”
The IBM report references Bloor Research data that reveals 74% of the companies surveyed did not have a current operational technology risk assessment, 78% did not have operational technology-specific security policies, and 81% did not have an operational technology-specific security incident response plan.
As a result, IBM indicates industrial operational technology and manufacturing plants face the following security challenges:
- Lack of risk mitigation and remediation.
- Hard to test production environments.
- Limited security awareness.
- Limited patching.
Manufacturing plants are at a high risk of a catastrophic security incident and they’re going to struggle to recover because they don’t have a security response plan to prepare them for such a scenario.
To prevent and minimize attacks on their infrastructure, manufacturing plants need a cybersecurity and operational technology security plan that contains multiple layers of security.
How Manufacturing Plants Can Reduce the Risk of an Attack
Defending a manufacturing facility requires multilayered security that includes physical security. Here are the ways manufacturing plants can help protect themselves against security risks. In turn, it will protect workers, assets, and information.
1. Conduct a security risk assessment
Do you have a list of all your industrial control systems? If you don’t, this is the first step because you cannot secure the asset without knowing about it. The list is only the starting point.
Manufacturing plant management needs to identify and document all its assets and the processes they support. They also need to know how it’s connected to other systems. If there are security controls in place, then these need to be documented.
It’s crucial and worth the investment to bring in a security consultant to help with the security risk assessment. They will review the operational technologies and security used in the manufacturing plant to look for potential vulnerabilities.
They’ll also review crime reports using a tool like the FBI’s National Incident-Based Reporting System (NIBRS). The tool has interactive maps based on data from local law enforcement agencies. The data informs the plan as you’ll know what types of crimes occur in the geographical area around the facility to understand the crime risks.
A risk assessment isn’t something done once. It needs to be continuously reviewed and revised. Cyber and physical security technology and threats are constantly evolving. You want to ensure the manufacturing plant stays current.
2. Create a security strategy
Next comes the creation or revision of a security strategy. This establishes strategies and policies related to operational technology. For manufacturing plants, environment, safety, process integrity, and operational uptime are the highest priorities. Anything that threatens these factors needs a security strategy to reduce their risk.
The security strategy must incorporate layered security. A manufacturing plant may have all the right security technology in place. This will be for naught if a worker makes a mistake that creates a big security gap. The simple act of allowing a stranger into the building without checking their credentials can bring down the facility.
The security strategy needs to have security specialists to maintain the program. This includes overseeing a security training program that all employees must complete. They should receive this training and sign off on it at least once a year.
These operational technology security specialists can also be the point of contact for all security-related communications. It’s important there’s more than one security specialist to ensure there is always someone available.
3. Implement multiple layers of security
The more effective security programs contain multiple layers. The more security layers an organization has, the lower its risk of theft, trespassing, and vandalism. A manufacturing plant that views security as a program integrates into the organization’s culture and processes.
Remember, security is not just about operational technology and IT. It’s also the perimeter around the plant. Workers most likely drive to work in vehicles. A lot of parking lots have been hit by crimes because the facility did not secure them. Crimes in parking garages are rising due to the growing number of smash-and-grabs and catalytic converter thefts.
Pay attention to the number of entrances and exits in the manufacturing plant. The more of these you have, the more difficult it will be to secure the building. Limit the number of entry points and ensure they’re properly lit and monitored by security cameras.
4. Use video surveillance with remote monitoring
Video surveillance with remote monitoring adds multiple layers to security. It can help deter crime, lower liability, and increase plant productivity. Remote video surveillance involves installing security cameras around the property including the parking areas, entry points, and exits. Then, the monitoring can be done by technology and humans. The most effective monitoring uses video analytics and trained human monitoring operators.
The appearance of video cameras can act as one deterrent. The technology doing the monitoring adds another deterrent as it puts more eyes on the plant, and it does a lot of the heavy lifting. The monitoring operator works with technology like video analytics to spot potential problems and respond to them. The operators are located offsite and can use an onsite audio speaker to warn intruders on the site. This adds another security deterrent.
Remote video surveillance can save everything as recordings to use in liability claims, evidence in crimes, and training employees to improve productivity. Plant management can work with the security vendor to identify opportunities for improving productivity and efficiency. They can use the footage in employee training.
5. Add an access control system
An access control system helps manage entry and access around the facility. Authorized people can enter the building. Their access can also be limited to certain rooms and areas around the perimeter including the parking lot. These can be integrated with remote video surveillance to save on time and costs.
6. Cybersecurity for physical security
Don’t forget about the security of the security technologies themselves. This includes video surveillance and access control systems. In your research for security vendors, ask them about their process for securing their own technologies.
Do they update the software running on the systems? What are their backup plans for anything that goes wrong with the security technologies? What if someone hacks into a camera? How does the security company reduce the risk of hacking into the system?
Securing Manufacturing Plants
One of the most powerful security solutions in terms of cost and effectiveness that can yield a faster ROI on your manufacturing facility plant is video surveillance with remote monitoring. It offers coverage across the entire perimeter inside and outside of the manufacturing plant.
Moreover, remote video surveillance is a proactive security solution. It has the ability to deter crime. Most traditional security systems are reactive and can’t deter crimes. Management also may not find out about a crime until much later. This is where video recordings come in handy. The important component of proactive video security is remote monitoring. If no one watches the cameras, then it renders technology into passive security. It could lead to liability issues. Video surveillance with remote monitoring lowers liability.
Stealth Monitoring security professionals can design a right-sized security solution for your securing manufacturing facilities. To learn about securing operational technology, contact us.
Texas Private Security License Number: B14187
California Alarm Operator License Number: ACO7876
Florida Alarm System Contractor I License Number: EF20001598
Tennessee Alarm Contracting Company License Number: 2294
Virginia Private Security Services Business License Number: 11-19499
Alabama Electronic Security License # 002116
Canada TSBC License: LEL0200704
