Security Challenges For Smart Factories – How Does SASE Help?

Raw materials are automatically ordered for just-in-time inventory management while equipment servicing needs are predicted beforehand, reducing downtime and other maintenance overhead. Lights-out factories (fully automated factories that can operate in the dark) promise the freedom of remote operations, sustainability, lower labor costs and improved profitability. 

This rising tide of digitization and automation is leading to major concerns around cybersecurity. Smart factories are significantly more productive and competitive, yet a lot less secure: 79 percent of organizations feel that cyber-risk in smart factories is much higher than in traditional or non-smart factories. Here’s why:

 

1. Cyber-physical Systems Are Expanding The Attack Surface

Cyber-physical systems (consisting of sensors, machines, workpieces, IT systems, connected devices and robots) are increasingly being integrated into smart factories, exposing them to cyber-attacks, remote access, infiltration or espionage. For instance, a threat actor can intercept communications between these tools or gather audit files and logs to extract sensitive or critical information; they can exploit the devices’ wireless capabilities to gain remote control over a system; they can use stolen credentials to gain unauthorized access to the production environment.

 

2. Connectivity And Security Of Remote Sites Is Always A Challenge

Major manufacturers have a worldwide presence, with facilities spanning multiple remote sites across the globe. Dedicated and high-speed connectivity at remote locations isn’t always feasible and can end up being expensive. Even if connectivity isn’t an issue, security is always a challenge due to the overwhelming range of cyber threats and lack of security specialists. In addition, secure remote access is increasingly becoming a priority, alongside connectivity and security requirements.


3. Lack Of Visibility Into The Overall IT-OT Estate

There’s a saying in cybersecurity: you cannot protect what you cannot see. One of the biggest challenges in manufacturing environments is the sheer scale of sensors, controllers, IoT and IIoT devices, surveillance cameras, edge and other connected devices. Having visibility into each device, securing it, updating it and monitoring it can prove burdensome for most security teams, leaving many devices unpatched. Manufacturing environments can’t afford the downtime needed to run full system and individual device scans.
 

4. Sheer Scale Of Vulnerabilities In Devices And Applications

The manufacturing sector is the industry most targeted by ransomware attacks. Experts believe the root cause of this problem lies in the presence of critical vulnerabilities (like Log4Shell) that are left unaddressed in manufacturing devices. Moreover, the scale and volume of these vulnerabilities are so massive that most security practitioners feel overwhelmed and have a hard time prioritizing and remediating them.


5. A Hybrid Threat Environment

Studies show that only a few factories are truly next-generational. Many of these so-called smart factories are really a blend of the old world and the new, containing decades-old industrial control systems that may be prone to sun-setting, meaning software development and updates have been retired. Some equipment might only work on legacy operating systems, and continuing its use may be the only option left. Such legacy infrastructure is an ideal target for threat actors.

 

What Is SASE And How Does It Help Mitigate Security Challenges For Smart Factories?

Secure access service edge (SASE) is a new cloud-native networking and security model that converges software-defined wide area networking (SD-WAN) technology with a host of security functions, such as cloud access security broker (CASB), intrusion prevention system (IPS), data leakage prevention (DLP), secure web gateway, and zero trust network access (ZTNA), into a single cloud-native service. Listed below are the key advantages of this security architecture for smart factories and manufacturing organizations:

  • Improved Security, Reduced Complexity: This single-pane-of-glass approach to networking and security allows security teams to deploy and configure security policies across the entire IT-OT estate. All traffic flowing to the SASE cloud is inspected for threats using multiple security layers.
  • Clear Connected Device Visibility: Since all network traffic flows through a centralized SASE backbone and AI capabilities identify devices and operating systems via the network, organizations can identify, map and secure unknown and unmanaged devices or applications. Security teams can understand the device or application’s traffic usage patterns and identify any potential traffic anomalies. The unique cloud-based security model enables a “mitigate-once-protect-everywhere” approach, eliminating the need to patch box-by-box. For devices that are hard to patch or cannot be patched, security teams can now apply virtual patches.
  • Middle-mile Connectivity: Should the organization look to expand to remote locations, SASE makes it possible to connect remote sites using an ordinary internet connection. As long as the SASE provider has a network of installed PoPs (points of presence) in those regions, SASE connects all locations securely via encrypted tunnels and maximizes throughput with built-in network optimizations.
  • Identical Performance and Control Regardless of Location: Distributed workers can connect to the network using zero-trust policies and receive the same security configuration, permissions and network performance from any location. Similarly, security teams can configure, monitor, and operate security technology or implement security policies across any network, application or device, regardless of where they’re located. 

 

Intelligent facilities promise productivity gains and operational improvements. But their interconnected nature creates a vast attack surface vulnerable to infiltration. Legacy systems, unpatched vulnerabilities and the sheer volume of connected devices make these factories prime targets for cyberattacks. Converging multiple security functions into a single cloud-native interface affords better enforcement of security policies, lower management overhead (virtual patching), and visibility over the entire connected infrastructure, all important aspects for protecting these geographically dispersed environments.

 

   

Etay Maor is Senior Director of Security Strategy for Cato Networks, a leading network security provider with more than 2,200 enterprise customers and 1,000 employees across 30 countries. Previously, he was Chief Security Officer for IntSights and held senior security positions at IBM and RSA Security's Cyber Threats Research Labs. An adjunct professor at Boston College, he holds a BA in computer science and a MA in counter-terrorism and cyber terrorism from Reichman University (IDC Herzliya), Tel Aviv.

Etay.Maor@catonetworks.com

@catonetworks |  https://twitter.com/CatoNetworks

https://www.linkedin.com/in/etaymaor/
