2020 10 07  It’s easy to get caught up in the impact of cybercrime on corporate and personal data. It’s data that ransomware hijacks, and it’s data that gets leaked. This focus is not surprising, given the exponential growth in data around the world, as well as its importance in our digital, knowledge economy.  “Data is the new oil” after all.

OT vs IT

That said, the second panel discussion during Acronis’s recent virtual conference was a stark reminder of the impact of cybercrime on operational technology (OT). OT deals with the machines that build our world, as opposed to information technology (IT), which deals with data. The panel was titled Manufacturing and Industry 4.0: Evolving from Reactive to Proactive defenses against Downtime and was moderated by Williams Racing CIO, Graeme Hackland. (We share the link to the recording at the end of this article.)

Typical cybersecurity paradigm not always appropriate for OT realities

Research from Aberdeen indicates an average hourly downtime cost for manufacturing across all industries as a whopping $260,000 per hour. And panellist, Mohammed Nabeel, senior solution architect, cybersecurity at Yokogawa Middle East & Africa, pointed out that, unlike in the IT world, planned downtime might need two to four years in preparation because it is such a disruptive event. Furthermore, as manufacturing is increasingly digitalised, with more machines needing network access and cloud capabilities, protecting OT from cybercrime is becoming increasingly complex.

Nabeel also graphically illustrated how the typical cybersecurity paradigm might be totally inappropriate for the manufacturing floor, where the first line of defence is often an evacuation. In one instance, during an ammonia leak, an employee who was trying to switch off the valve mistyped their password multiple times – understandable, given the physical conditions. But then the automated fallback security process was a retina scan – also very difficult, if not impossible, given the environment. And the employee wasn’t any closer to shutting off the valve and containing the leak.

OT security needs an integrated approach

As with IT security, there is no silver bullet solution for OT security, and an integrated approach powered by AI and automation is essential. However these solutions need to recognise the specific requirements of the OT space. For instance, availability is the number one priority in OT. Not to mention the restrictions and limitations of the physical environment, as in the example above, make implementing capabilities such as automation challenging.

Top tips from industry experts

The panellists also each offered their tips for evolving from reactive to proactive security:

Use AI as your watchdog to find incidents in the flood of data.” — Sascha Maier, head of IT and cyber resilience at IWC Schaffhausen.

“Manufacturing is traditionally well-prepared for the expected. Systemic learning from reaction will be necessary to prepare for the unknown.”  — David Fuhr, head of research at HiSolutions AG.

“Modern business continuity can only be achieved by integrated cyber protection solutions, not separate backup, cybersecurity and system management.” — Nick Grebennikoff, chief development officer at Acronis.

No single measure is sufficient to defend against cyberattacks due to progressive adoption of IoT, which demands more integrated networks. Lack of visibility is undermining the effectiveness of established defences.” — Mohammed Nabeel, senior solution architect, cybersecurity at Yokogawa Middle East & Africa.

This is just a snapshot of some of the insights shared during the virtual conference. You can watch the full recording here.

And hopefully this whets your appetite for the upcoming Acronis Global Cyber Summitread more and register here, now!

Written for publication on the Synapsys website on 7 October 2020