Although cybersecurity has become a priority at many manufacturing companies, risks have increased at the same time.
To better understand how companies are addressing heightened risks, Manufacturers Alliance and Fortinet partnered to study the strategies companies are using to cope with the new threat landscape, the state of collaboration between IT and operational technology, the tactics that have promise, and the barriers to progress.
Building on a related 2020 study, the 2023 study shows where companies have made progress and where they may have stalled over the last three years.
For an increasing number of companies, the risk of cyberattacks has moved from theoretical to real, so it shouldn't be a surprise that more manufacturers are focusing on cybersecurity now.
In the past few years, companies in multiple industries have been targeted with high-profile attacks on food processing, consumer packaged goods, and energy companies.
Manufacturers identified extortion through ransomware as their top concern, and 36% fell victim to a ransomware attack last year, up significantly from the 23% in the 2020 survey.
For equipment already in place, regular audits and assessments are critical elements in the cybersecurity equation.
Manufacturers are increasing their efforts, with 48% of survey respondents saying that they have conducted audits or assessments related to OT security within the past six months, up from 44% in 2020.
Many manufacturers are also taking a closer look at third-party vendors and service providers, such as system integrators, machine builders, and automation suppliers.
The majority of companies indicate that they require third parties to undergo comprehensive assessment and management.
The rest of the companies say their assessments and management are partial, limited, or non-existent.
Patching a 20-year-old device may be difficult or impossible, and for many companies, incrementally addressing the issues surrounding legacy equipment is the only way to make progress.
The lack of skilled personnel is another issue many companies face.
The cybersecurity talent shortage is making it harder to fill open OT security positions, which can lead to team burnout and increased overall risk.
When asked if they expect to have the right talent in place to address OT cybersecurity risks within the next three years, 22% of respondents said they are not confident, marking a slight deterioration since the 2020 survey.
Although communication between IT and OT is critical, many manufacturers are struggling with IT/OT collaboration in the aftermath of a breach.
Ineffective communication between IT and OT was ranked as a barrier to effective breach response by 82% of the companies surveyed.
As manufacturers evaluate how to blend new technologies for competitive growth, they must also build security into their plans and look at ways to facilitate IT/OT collaboration.
The reality is that even though manufacturers have made progress over the past few years, they may not be moving fast enough to stay ahead of OT threats.
Read the full report to find out how manufacturers can incorporate cybersecurity into their modernization plans.
This Cyber News was published on feeds.fortinet.com. Publication date: Wed, 06 Dec 2023 16:43:05 +0000