Manufacturing Cyber ​​Security: Trends and Survey Response | So Good News


Figure 5: Q19. What are your organization’s top two reasons for implementing cybersecurity measures to protect your ICS/OT systems so far?

Q20.What do you believe are the top two reasons for your organization’s implementation of cyber security measures to protect your ICS/OT systems in the next three years?(NB: Multiple Choices Allowed)

We will consider the reasons and background for these results.

One of the reasons for the high level of vigilance to prevent recurrence is that a high percentage of improvements are expected to be built to continuously increase productivity in the manufacturing industry, and security can also be incorporated into that system. This result is US, It is the highest in Germany and Japan and exceeds 31% in all countries, a fact that is not as varied as other industries. You can see that this is a common practice across the industry.

5G initiatives changed the most in Japan, rising 7.2 points. I believe two factors driving the big change in Japan are the benefits of introducing 5G and the need for security measures for issuing local 5G base station licenses.

The Ministry of Internal Affairs and Communications has expanded the spectrum used by the domestic 5G usage system from 4.6 to 4.9 GHz from December 2020, and the government has introduced a preferential tax system for 5G. The benefits are even greater.

Cyber ​​security measures, including supply chain risks, have been stipulated by the Ministry of Internal Affairs and Communications as a condition of approving development plans for dedicated base stations for the introduction of 5G. Domestic 5G should have the same conditions at the time of licensing.

5G interest in Germany remains high at 31.4%. An autonomous decentralized inter-industry cooperation mechanism (GAIA-X), which has been considered and implemented in Germany since around 2016, will start full operations in 2021. The German government’s mobile communications strategy and the EU as well. The whole body.

We are actively working on 5G against the backdrop of investment in the Digital Europe program we are promoting. At the same time, it is considered that special attention must be paid to security. Cloud usage scores are similarly high. Security risks and threats need to be analyzed when introducing these new technologies.

2 Trend Micro proposal

A summary of our research and analysis:

  • The downtime due to security incidents in the manufacturing industry is short and as a result the amount of financial damage is relatively low. It’s supposed to be because there are so many built-in systems, and it’s relatively easy to stop and start.
  • While we are constantly working to improve security, we believe there are still issues to be resolved to ensure security when using the cloud or using removable media.
  • The barriers to introducing new technologies such as cloud and 5G are tougher than in other industries, but the number of participating companies and products will increase accordingly. We must be aware that security management requirements will increase, such as analyzing new attack surfaces.
  • various tools; You need to visualize the security risks of complex systems with a mix of services and vendors and implement measures to ensure safe operation.

Based on this result, Trend Micro proposes to summarize and solve the cybersecurity challenges for CISOs in the manufacturing industry:

  • Take advantage of the manufacturing process improvement process to implement preventive measures specializing in OT to strengthen security and operations and prevent recurrence.
  • Create a system and mechanism that enables accurate root cause analysis and response when an incident occurs in IT and OT.
  • When new technologies such as 5G are introduced; Conduct threat and risk analysis more broadly than internally. It visualizes dynamically changing conditions during operation and shortens the time to detect and react to minimize damage.

More information on threats to ICS endpoints, including manufacturing, can be found here.


Source link