Cybersecurity in Manufacturing Industry
John Delaney, IIoT Solutions Architect
Cybersecurity is an everyday topic of conversation in both the mainstream and technical press. It has escalated from its traditional role as a threat to an individual or company’s information technology equipment to that where it is now viewed as a powerful weapon in a nation’s arsenal. Attacks are more frequent, more sophisticated, and the consequences of a successful attack now range from financial loss, inability to trade, to a mounting risk to human safety and a nation’s sovereignty. This short talk will address the world of Cybersecurity in manufacturing industry from a high-level viewpoint. The intention is to inform people who are not directly involved with Cybersecurity at a technical level. Typically, such people may be managing a company’s IT infrastructure or may be responsible for outsourcing security operations to a third party. In either case, they need to understand the risks that their organisations face and what they may potentially do about it.
The talk will start with an attempt to simplify the language around Cybersecurity – what are risks, attacks, vulnerabilities and mitigations. We will then describe various examples of these artefacts as they relate to manufacturing industry. Another subject for discussion is the differences – real or perceived – in how security is viewed between operational technology and traditional enterprise IT. We will discuss both the common and distinct security aspects in both domains. We will also touch on some practical steps that companies should be implementing – these include both procedural policies and technical architectures and tools. We shall introduce security aspects of the Industrial Internet of Things and if time permits the potential role of Blockchain technology. Also, for discussion is the current and upcoming security initiatives within the EU.